[GitHub] [tomcat] efge commented on pull request #406: Improve the SSLValve so it is able to handle the ssl_client_escaped_cert header from Nginx
efge commented on pull request #406: URL: https://github.com/apache/tomcat/pull/406#issuecomment-804437149 (force-pushed to rebase) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [tomcat] branch master updated: Avoid reflection use for classloader configuration
On 22/03/2021 11:53, r...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 5803d56 Avoid reflection use for classloader configuration 5803d56 is described below commit 5803d56dac2261a5b65680fb1d250135b20175ee Author: remm AuthorDate: Mon Mar 22 12:52:47 2021 +0100 Avoid reflection use for classloader configuration This makes the leak related properties depend on the use of a classloader that extends WebappClassLoaderBase, but this is quite obvious this would be the case as it seems insane to reimplement this. Fair enough. From memory, I was trying to support custom class loaders that didn't extend WebappClassLoaderBase but I agree it is highly unlikely anyone would do that. Happy to see this code go. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Remove unused code/strings
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new f604e26 Remove unused code/strings f604e26 is described below commit f604e2672cdb621b4864288c70c3562e44de65b7 Author: Mark Thomas AuthorDate: Mon Mar 22 22:10:40 2021 + Remove unused code/strings --- java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - java/org/apache/catalina/core/StandardContext.java | 11 --- 5 files changed, 15 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index d227738..55c45dc 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -208,7 +208,6 @@ standardContext.stop.asyncWaitInterrupted=Une interruption a été reçue en att standardContext.stoppingContext=Exception à l''arrêt du Context [{0}] standardContext.threadBindingListenerError=Une erreur s''est produite dans l''écouteur de l’''association de thread configuré pour le contexte [{0}] standardContext.urlPattern.patternWarning=WARNING : Le modèle (pattern) d''URL [{0}] doit commencer par un ''/'' dans l''API Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Impossible de fixer la propriété [{0}] du chargeur de classes de l''application web à [{1}] car cette propriété n''existe pas standardContext.workCreateException=Impossible de déterminer le chemin absolu pour le répertoire de travail à partir du répertoire [{0}] et de CATALINA_HOME [{1}] pour le contexte [{2}] standardContext.workCreateFail=Impossible de créer le répertoire de travail [{0}] pour le contexte [{1}] standardContext.workPath=Impossible d''obtenir le chemin de travail pour le contexte [{0}] diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index 018aff9..8af2c96 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -208,7 +208,6 @@ standardContext.stop.asyncWaitInterrupted=実行中の非同期要求が完了 standardContext.stoppingContext=ローダを停止中の例外です standardContext.threadBindingListenerError=コンテキスト [{0}] に構成されたリスナーを束縛するスレッドで異常が発生しました。 standardContext.urlPattern.patternWarning=警告: Servlet 2.4ではURLパターン [{0}] は''/''で始まらなければいけません -standardContext.webappClassLoader.missingProperty=プロパティが存在しないため、Webアプリケーションクラスローダプロパティ[{0}]を[{1}]に設定できません。 standardContext.workCreateException=コンテキスト[{2}]のディレクトリ[{0}]とCATALINA_HOME [{1}]からの絶対workディレクトリを特定できませんでした standardContext.workCreateFail=コンテキスト [{1}] の作業ディレクトリ [{0}] を作成できません。 standardContext.workPath=コンテキスト[{0}]のworkパスを取得中の例外 diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index 4521d76..3abed4c 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -208,7 +208,6 @@ standardContext.stop.asyncWaitInterrupted=처리 중인 비동기 요청이 완 standardContext.stoppingContext=이름이 [{0}]인 컨텍스트를 중지시키는 중 예외 발생 standardContext.threadBindingListenerError=컨텍스트 [{0}]을(를) 위해 설정된 쓰레드 바인딩 리스너에서 오류가 발생했습니다. standardContext.urlPattern.patternWarning=경고: Servlet 2.4에서 URL 패턴 [{0}]은(는) 반드시 ''/''로 시작해야 합니다. -standardContext.webappClassLoader.missingProperty=해당 프로퍼티가 존재하지 않기에, 웹 애플리케이션 클래스로더 프로퍼티 [{0}]을(를) [{1}](으)로 설정할 수 없습니다. standardContext.workCreateException=디렉토리 [{0}]와(과) CATALINA_HOME [{1}](으)로부터, 컨텍스트 [{2}]을(를) 위한 작업 디렉토리의 절대 경로를 결정하지 못했습니다. standardContext.workCreateFail=컨텍스트 [{1}]을(를) 위한 작업 디렉토리 [{0}]을(를) 생성하지 못했습니다. standardContext.workPath=컨텍스트 [{0}]을(를) 위한 작업 경로를 구하는 중 예외 발생 diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index 08a37b9..82fb949 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -208,7 +208,6 @@ standardContext.stop.asyncWaitInterrupted=等待卸载延迟毫秒以完成飞 standardContext.stoppingContext=异常停止的上下文使用名为[{0}] standardContext.threadBindingListenerError=上下文[{0}]配置的线程绑定监听器发生错误 standardContext.urlPattern.patternWarning=警告:在Servlet 2.4中,URL模式[{0}]必须以“/”开头 -standardContext.webappClassLoader.missingProperty=无法将web应用程序类加载器属性[{0}]设置为[{1}],因为该属性不存在。 standardContext.workCreateException=无法从目录[{0}]和catalina_home[{1}]中为上下文[{2}]确定绝对工作目录 standardContext.workCreateFail=无法为上下文[{1}]创建工作目录[{0}] standardContext.workPath=获取上下文[{0}]的工作路径时发生异常 diff --git
[tomcat] branch 9.0.x updated: Remove unused strings
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new 014b101 Remove unused strings 014b101 is described below commit 014b101d97ca7cf7d4af6c91063c40eb33c211cc Author: Mark Thomas AuthorDate: Mon Mar 22 22:09:09 2021 + Remove unused strings --- java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 4 files changed, 4 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 20061bc..d96f918 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -231,7 +231,6 @@ standardContext.stoppingContext=Exception à l''arrêt du Context [{0}] standardContext.suspiciousUrl=Modèle d''URL suspect : [{0}] dans le contexte [{1}], voir les sections 12.1 et 12.2 de la spécification Servlets standardContext.threadBindingListenerError=Une erreur s''est produite dans l''écouteur de l’''association de thread configuré pour le contexte [{0}] standardContext.urlPattern.patternWarning=WARNING : Le modèle (pattern) d''URL [{0}] doit commencer par un ''/'' dans l''API Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Impossible de fixer la propriété [{0}] du chargeur de classes de l''application web à [{1}] car cette propriété n''existe pas standardContext.workCreateException=Impossible de déterminer le chemin absolu pour le répertoire de travail à partir du répertoire [{0}] et de CATALINA_HOME [{1}] pour le contexte [{2}] standardContext.workCreateFail=Impossible de créer le répertoire de travail [{0}] pour le contexte [{1}] standardContext.workPath=Impossible d''obtenir le chemin de travail pour le contexte [{0}] diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index d54f076..b217819 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -231,7 +231,6 @@ standardContext.stoppingContext=ローダを停止中の例外です standardContext.suspiciousUrl=コンテキスト [{1}] に不審な URL パターン [{0}] があります。サーブレット仕様の 12.1 および 12.2 を参照してください。 standardContext.threadBindingListenerError=コンテキスト [{0}] に構成されたリスナーを束縛するスレッドで異常が発生しました。 standardContext.urlPattern.patternWarning=警告: Servlet 2.4ではURLパターン [{0}] は''/''で始まらなければいけません -standardContext.webappClassLoader.missingProperty=プロパティが存在しないため、Webアプリケーションクラスローダプロパティ[{0}]を[{1}]に設定できません。 standardContext.workCreateException=コンテキスト[{2}]のディレクトリ[{0}]とCATALINA_HOME [{1}]からの絶対workディレクトリを特定できませんでした standardContext.workCreateFail=コンテキスト [{1}] の作業ディレクトリ [{0}] を作成できません。 standardContext.workPath=コンテキスト[{0}]のworkパスを取得中の例外 diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index 4aa5f41..293da42 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -231,7 +231,6 @@ standardContext.stoppingContext=이름이 [{0}]인 컨텍스트를 중지시키 standardContext.suspiciousUrl=의심스러운 URL 패턴: 컨텍스트 [{1}] 내의 [{0}]. 서블릿 스펙의 12.1장과 12.2장을 참조하십시오. standardContext.threadBindingListenerError=컨텍스트 [{0}]을(를) 위해 설정된 쓰레드 바인딩 리스너에서 오류가 발생했습니다. standardContext.urlPattern.patternWarning=경고: Servlet 2.4에서 URL 패턴 [{0}]은(는) 반드시 ''/''로 시작해야 합니다. -standardContext.webappClassLoader.missingProperty=해당 프로퍼티가 존재하지 않기에, 웹 애플리케이션 클래스로더 프로퍼티 [{0}]을(를) [{1}](으)로 설정할 수 없습니다. standardContext.workCreateException=디렉토리 [{0}]와(과) CATALINA_HOME [{1}](으)로부터, 컨텍스트 [{2}]을(를) 위한 작업 디렉토리의 절대 경로를 결정하지 못했습니다. standardContext.workCreateFail=컨텍스트 [{1}]을(를) 위한 작업 디렉토리 [{0}]을(를) 생성하지 못했습니다. standardContext.workPath=컨텍스트 [{0}]을(를) 위한 작업 경로를 구하는 중 예외 발생 diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index 1d441e5..5ecdd45 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -232,7 +232,6 @@ standardContext.stoppingContext=异常停止的上下文使用名为[{0}] standardContext.suspiciousUrl=可疑的URL模式:[{0}]在上下文[{1}]中,请参阅Servlet规范的第12.1节和第12.2节 standardContext.threadBindingListenerError=上下文[{0}]配置的线程绑定监听器发生错误 standardContext.urlPattern.patternWarning=警告:在Servlet 2.4中,URL模式[{0}]必须以“/”开头 -standardContext.webappClassLoader.missingProperty=无法将web应用程序类加载器属性[{0}]设置为[{1}],因为该属性不存在。 standardContext.workCreateException=无法从目录[{0}]和catalina_home[{1}]中为上下文[{2}]确定绝对工作目录 standardContext.workCreateFail=无法为上下文[{1}]创建工作目录[{0}]
[tomcat] branch master updated: Remove unused strings
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 22a4b3d Remove unused strings 22a4b3d is described below commit 22a4b3d65d2a050ca2f70d7bceaec89883bfb887 Author: Mark Thomas AuthorDate: Mon Mar 22 22:07:37 2021 + Remove unused strings --- java/org/apache/catalina/core/LocalStrings_fr.properties| 1 - java/org/apache/catalina/core/LocalStrings_ja.properties| 1 - java/org/apache/catalina/core/LocalStrings_ko.properties| 1 - java/org/apache/catalina/core/LocalStrings_zh_CN.properties | 1 - 4 files changed, 4 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings_fr.properties b/java/org/apache/catalina/core/LocalStrings_fr.properties index 034737a..07e3849 100644 --- a/java/org/apache/catalina/core/LocalStrings_fr.properties +++ b/java/org/apache/catalina/core/LocalStrings_fr.properties @@ -230,7 +230,6 @@ standardContext.stoppingContext=Exception à l''arrêt du Context [{0}] standardContext.suspiciousUrl=Modèle d''URL suspect : [{0}] dans le contexte [{1}], voir les sections 12.1 et 12.2 de la spécification Servlets standardContext.threadBindingListenerError=Une erreur s''est produite dans l''écouteur de l’''association de thread configuré pour le contexte [{0}] standardContext.urlPattern.patternWarning=WARNING : Le modèle (pattern) d''URL [{0}] doit commencer par un ''/'' dans l''API Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Impossible de fixer la propriété [{0}] du chargeur de classes de l''application web à [{1}] car cette propriété n''existe pas standardContext.workCreateException=Impossible de déterminer le chemin absolu pour le répertoire de travail à partir du répertoire [{0}] et de CATALINA_HOME [{1}] pour le contexte [{2}] standardContext.workCreateFail=Impossible de créer le répertoire de travail [{0}] pour le contexte [{1}] standardContext.workPath=Impossible d''obtenir le chemin de travail pour le contexte [{0}] diff --git a/java/org/apache/catalina/core/LocalStrings_ja.properties b/java/org/apache/catalina/core/LocalStrings_ja.properties index 5a98640..aef615d 100644 --- a/java/org/apache/catalina/core/LocalStrings_ja.properties +++ b/java/org/apache/catalina/core/LocalStrings_ja.properties @@ -230,7 +230,6 @@ standardContext.stoppingContext=ローダを停止中の例外です standardContext.suspiciousUrl=コンテキスト [{1}] に不審な URL パターン [{0}] があります。サーブレット仕様の 12.1 および 12.2 を参照してください。 standardContext.threadBindingListenerError=コンテキスト [{0}] に構成されたリスナーを束縛するスレッドで異常が発生しました。 standardContext.urlPattern.patternWarning=警告: Servlet 2.4ではURLパターン [{0}] は''/''で始まらなければいけません -standardContext.webappClassLoader.missingProperty=プロパティが存在しないため、Webアプリケーションクラスローダプロパティ[{0}]を[{1}]に設定できません。 standardContext.workCreateException=コンテキスト[{2}]のディレクトリ[{0}]とCATALINA_HOME [{1}]からの絶対workディレクトリを特定できませんでした standardContext.workCreateFail=コンテキスト [{1}] の作業ディレクトリ [{0}] を作成できません。 standardContext.workPath=コンテキスト[{0}]のworkパスを取得中の例外 diff --git a/java/org/apache/catalina/core/LocalStrings_ko.properties b/java/org/apache/catalina/core/LocalStrings_ko.properties index a4165b4..9a9c503 100644 --- a/java/org/apache/catalina/core/LocalStrings_ko.properties +++ b/java/org/apache/catalina/core/LocalStrings_ko.properties @@ -230,7 +230,6 @@ standardContext.stoppingContext=이름이 [{0}]인 컨텍스트를 중지시키 standardContext.suspiciousUrl=의심스러운 URL 패턴: 컨텍스트 [{1}] 내의 [{0}]. 서블릿 스펙의 12.1장과 12.2장을 참조하십시오. standardContext.threadBindingListenerError=컨텍스트 [{0}]을(를) 위해 설정된 쓰레드 바인딩 리스너에서 오류가 발생했습니다. standardContext.urlPattern.patternWarning=경고: Servlet 2.4에서 URL 패턴 [{0}]은(는) 반드시 ''/''로 시작해야 합니다. -standardContext.webappClassLoader.missingProperty=해당 프로퍼티가 존재하지 않기에, 웹 애플리케이션 클래스로더 프로퍼티 [{0}]을(를) [{1}](으)로 설정할 수 없습니다. standardContext.workCreateException=디렉토리 [{0}]와(과) CATALINA_HOME [{1}](으)로부터, 컨텍스트 [{2}]을(를) 위한 작업 디렉토리의 절대 경로를 결정하지 못했습니다. standardContext.workCreateFail=컨텍스트 [{1}]을(를) 위한 작업 디렉토리 [{0}]을(를) 생성하지 못했습니다. standardContext.workPath=컨텍스트 [{0}]을(를) 위한 작업 경로를 구하는 중 예외 발생 diff --git a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties index dfd43d0..0341978 100644 --- a/java/org/apache/catalina/core/LocalStrings_zh_CN.properties +++ b/java/org/apache/catalina/core/LocalStrings_zh_CN.properties @@ -231,7 +231,6 @@ standardContext.stoppingContext=异常停止的上下文使用名为[{0}] standardContext.suspiciousUrl=可疑的URL模式:[{0}]在上下文[{1}]中,请参阅Servlet规范的第12.1节和第12.2节 standardContext.threadBindingListenerError=上下文[{0}]配置的线程绑定监听器发生错误 standardContext.urlPattern.patternWarning=警告:在Servlet 2.4中,URL模式[{0}]必须以“/”开头 -standardContext.webappClassLoader.missingProperty=无法将web应用程序类加载器属性[{0}]设置为[{1}],因为该属性不存在。 standardContext.workCreateException=无法从目录[{0}]和catalina_home[{1}]中为上下文[{2}]确定绝对工作目录 standardContext.workCreateFail=无法为上下文[{1}]创建工作目录[{0}]
[tomcat] 05/05: Fix checkstyle nag
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit d2f09175449fa1c6b5e8eca5447fccc476de3fc2 Author: Mark Thomas AuthorDate: Mon Mar 22 22:05:02 2021 + Fix checkstyle nag --- java/org/apache/catalina/connector/InputBuffer.java | 1 + 1 file changed, 1 insertion(+) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 6111c07..f2dba3d 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -27,6 +27,7 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; + import javax.servlet.ReadListener; import org.apache.catalina.security.SecurityUtil; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/05: Refactor setReadListener() in preparation for fix for BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 1ec5a88aaa49b0cd13ac0ab10cc303e36d8a0369 Author: Mark Thomas AuthorDate: Mon Mar 22 21:45:21 2021 + Refactor setReadListener() in preparation for fix for BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 16 java/org/apache/coyote/Request.java | 16 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 0271c5e..6111c07 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -244,22 +244,6 @@ public class InputBuffer extends Reader public void setReadListener(ReadListener listener) { coyoteRequest.setReadListener(listener); - -// The container is responsible for the first call to -// listener.onDataAvailable(). If isReady() returns true, the container -// needs to call listener.onDataAvailable() from a new thread. If -// isReady() returns false, the socket will be registered for read and -// the container will call listener.onDataAvailable() once data arrives. -// Must call isFinished() first as a call to isReady() if the request -// has been finished will register the socket for read interest and that -// is not required. -if (!coyoteRequest.isFinished() && isReady()) { -coyoteRequest.action(ActionCode.DISPATCH_READ, null); -if (!ContainerThreadMarker.isContainerThread()) { -// Not on a container thread so need to execute the dispatch -coyoteRequest.action(ActionCode.DISPATCH_EXECUTE, null); -} -} } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index b15cc70..e930b0e 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -191,6 +191,22 @@ public final class Request { } this.listener = listener; + +// The container is responsible for the first call to +// listener.onDataAvailable(). If isReady() returns true, the container +// needs to call listener.onDataAvailable() from a new thread. If +// isReady() returns false, the socket will be registered for read and +// the container will call listener.onDataAvailable() once data arrives. +// Must call isFinished() first as a call to isReady() if the request +// has been finished will register the socket for read interest and that +// is not required. +if (!isFinished() && isReady()) { +action(ActionCode.DISPATCH_READ, null); +if (!ContainerThreadMarker.isContainerThread()) { +// Not on a container thread so need to execute the dispatch +action(ActionCode.DISPATCH_EXECUTE, null); +} +} } public boolean isReady() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/05: Refactor isReady() in preparation for fix of BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 110a6a86b3890e58501bbc74f994b20300309c1b Author: Mark Thomas AuthorDate: Mon Mar 22 21:43:27 2021 + Refactor isReady() in preparation for fix of BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 6 +- java/org/apache/coyote/Request.java | 7 +++ 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 8393e09..0271c5e 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -27,8 +27,6 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; -import java.util.concurrent.atomic.AtomicBoolean; - import javax.servlet.ReadListener; import org.apache.catalina.security.SecurityUtil; @@ -309,9 +307,7 @@ public class InputBuffer extends Reader return true; } -AtomicBoolean result = new AtomicBoolean(); -coyoteRequest.action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +return coyoteRequest.isReady(); } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 35189e8..b15cc70 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -193,6 +193,13 @@ public final class Request { this.listener = listener; } +public boolean isReady() { +AtomicBoolean result = new AtomicBoolean(); +action(ActionCode.NB_READ_INTEREST, result); +return result.get(); +} + + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); public boolean sendAllDataReadEvent() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 04/05: Fix BZ 64771. Support calls to SocketInputStream.isReady()
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit ea8ffba3fc4740201eb93321eb42bb684959cf34 Author: Mark Thomas AuthorDate: Mon Mar 22 21:56:44 2021 + Fix BZ 64771. Support calls to SocketInputStream.isReady() Prior to this fix, concurrent calls to isReady() could corrupt the input buffer. The fix is modelled on the similar changes made for SocketOutputStream.isReady() --- java/org/apache/coyote/Request.java | 60 ++--- webapps/docs/changelog.xml | 5 2 files changed, 61 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 8f8554e..9611cf8 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -166,7 +166,18 @@ public final class Request { */ private Exception errorException = null; +/* + * State for non-blocking output is maintained here as it is the one point + * easily reachable from the CoyoteInputStream and the CoyoteAdapter which + * both need access to state. + */ volatile ReadListener listener; +// Ensures listener is only fired after a call is isReady() +private boolean fireListener = false; +// Tracks read registration to prevent duplicate registrations +private boolean registeredForRead = false; +// Lock used to manage concurrent access to above flags +private final Object nonBlockingStateLock = new Object(); public ReadListener getReadListener() { return listener; @@ -201,6 +212,14 @@ public final class Request { // has been finished will register the socket for read interest and that // is not required. if (!isFinished() && isReady()) { +synchronized (nonBlockingStateLock) { +// Ensure we don't get multiple read registrations +registeredForRead = true; +// Need to set the fireListener flag otherwise when the +// container tries to trigger onDataAvailable, nothing will +// happen +fireListener = true; +} action(ActionCode.DISPATCH_READ, null); if (!ContainerThreadMarker.isContainerThread()) { // Not on a container thread so need to execute the dispatch @@ -210,13 +229,42 @@ public final class Request { } public boolean isReady() { -AtomicBoolean result = new AtomicBoolean(); -action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +// Assume read is not possible +boolean ready = false; +synchronized (nonBlockingStateLock) { +if (registeredForRead) { +fireListener = true; +return false; +} +ready = checkRegisterForRead(); +fireListener = !ready; +} +return ready; +} + +private boolean checkRegisterForRead() { +AtomicBoolean ready = new AtomicBoolean(false); +synchronized (nonBlockingStateLock) { +if (!registeredForRead) { +action(ActionCode.NB_READ_INTEREST, ready); +registeredForRead = !ready.get(); +} +} +return ready.get(); } public void onDataAvailable() throws IOException { -listener.onDataAvailable(); +boolean fire = false; +synchronized (nonBlockingStateLock) { +registeredForRead = false; +if (fireListener) { +fireListener = false; +fire = true; +} +} +if (fire) { +listener.onDataAvailable(); +} } @@ -743,6 +791,10 @@ public final class Request { attributes.clear(); listener = null; +synchronized (nonBlockingStateLock) { +fireListener = false; +registeredForRead = false; +} allDataReadEventSent.set(false); startTime = -1; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index cb7bc06..5493b1a6 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -136,6 +136,11 @@ present. (markt) +64771: Prevent concurrent calls to +ServletInputStream.isReady() corrupting the input buffer. +(markt) + + 65179: Ensure that the connection level flow control window from the client to the server is updated when handling DATA frames received for completed streams else the flow control window may become - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 03/05: Refactor onDataAvailable() in preparation for fixing BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 89e16ba72a5b7c56ac5120b6a46da783fe7947cd Author: Mark Thomas AuthorDate: Mon Mar 22 21:51:24 2021 + Refactor onDataAvailable() in preparation for fixing BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/CoyoteAdapter.java | 2 +- java/org/apache/coyote/Request.java | 4 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 9d06af9..766c11f 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -218,7 +218,7 @@ public class CoyoteAdapter implements Adapter { // onAllDataRead() event. Therefore, make sure // onDataAvailable() is not called in this case. if (!request.isFinished()) { -readListener.onDataAvailable(); +req.onDataAvailable(); } if (request.isFinished() && req.sendAllDataReadEvent()) { readListener.onAllDataRead(); diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index e930b0e..8f8554e 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -215,6 +215,10 @@ public final class Request { return result.get(); } +public void onDataAvailable() throws IOException { +listener.onDataAvailable(); +} + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated (aabee09 -> d2f0917)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from aabee09 Better variable name. These are request headers, not response headers. new 110a6a8 Refactor isReady() in preparation for fix of BZ 64771 new 1ec5a88 Refactor setReadListener() in preparation for fix for BZ 64771 new 89e16ba Refactor onDataAvailable() in preparation for fixing BZ 64771 new ea8ffba Fix BZ 64771. Support calls to SocketInputStream.isReady() new d2f0917 Fix checkstyle nag The 5 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/connector/CoyoteAdapter.java | 2 +- .../org/apache/catalina/connector/InputBuffer.java | 21 +- java/org/apache/coyote/Request.java| 79 ++ webapps/docs/changelog.xml | 5 ++ 4 files changed, 86 insertions(+), 21 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated (57396e9 -> 5f85526)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 57396e9 Better variable name. These are request headers, not response headers. new da10a04 Refactor isReady() in preparation for fix of BZ 64771 new ea9a386 Refactor setReadListener() in preparation for fix for BZ 64771 new 16a2315 Refactor onDataAvailable() in preparation for fixing BZ 64771 new 5f85526 Fix BZ 64771. Support calls to SocketInputStream.isReady() The 4 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/catalina/connector/CoyoteAdapter.java | 2 +- .../org/apache/catalina/connector/InputBuffer.java | 21 +- java/org/apache/coyote/Request.java| 79 ++ webapps/docs/changelog.xml | 5 ++ 4 files changed, 86 insertions(+), 21 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 04/04: Fix BZ 64771. Support calls to SocketInputStream.isReady()
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 5f85526a093190881b939486320b7e5b1d6849ab Author: Mark Thomas AuthorDate: Mon Mar 22 21:56:44 2021 + Fix BZ 64771. Support calls to SocketInputStream.isReady() Prior to this fix, concurrent calls to isReady() could corrupt the input buffer. The fix is modelled on the similar changes made for SocketOutputStream.isReady() --- java/org/apache/coyote/Request.java | 60 ++--- webapps/docs/changelog.xml | 5 2 files changed, 61 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index be557a6..36f91c2 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -166,7 +166,18 @@ public final class Request { */ private Exception errorException = null; +/* + * State for non-blocking output is maintained here as it is the one point + * easily reachable from the CoyoteInputStream and the CoyoteAdapter which + * both need access to state. + */ volatile ReadListener listener; +// Ensures listener is only fired after a call is isReady() +private boolean fireListener = false; +// Tracks read registration to prevent duplicate registrations +private boolean registeredForRead = false; +// Lock used to manage concurrent access to above flags +private final Object nonBlockingStateLock = new Object(); public ReadListener getReadListener() { return listener; @@ -201,6 +212,14 @@ public final class Request { // has been finished will register the socket for read interest and that // is not required. if (!isFinished() && isReady()) { +synchronized (nonBlockingStateLock) { +// Ensure we don't get multiple read registrations +registeredForRead = true; +// Need to set the fireListener flag otherwise when the +// container tries to trigger onDataAvailable, nothing will +// happen +fireListener = true; +} action(ActionCode.DISPATCH_READ, null); if (!ContainerThreadMarker.isContainerThread()) { // Not on a container thread so need to execute the dispatch @@ -210,13 +229,42 @@ public final class Request { } public boolean isReady() { -AtomicBoolean result = new AtomicBoolean(); -action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +// Assume read is not possible +boolean ready = false; +synchronized (nonBlockingStateLock) { +if (registeredForRead) { +fireListener = true; +return false; +} +ready = checkRegisterForRead(); +fireListener = !ready; +} +return ready; +} + +private boolean checkRegisterForRead() { +AtomicBoolean ready = new AtomicBoolean(false); +synchronized (nonBlockingStateLock) { +if (!registeredForRead) { +action(ActionCode.NB_READ_INTEREST, ready); +registeredForRead = !ready.get(); +} +} +return ready.get(); } public void onDataAvailable() throws IOException { -listener.onDataAvailable(); +boolean fire = false; +synchronized (nonBlockingStateLock) { +registeredForRead = false; +if (fireListener) { +fireListener = false; +fire = true; +} +} +if (fire) { +listener.onDataAvailable(); +} } @@ -714,6 +762,10 @@ public final class Request { attributes.clear(); listener = null; +synchronized (nonBlockingStateLock) { +fireListener = false; +registeredForRead = false; +} allDataReadEventSent.set(false); startTime = -1; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index a5e2793..7385761 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -132,6 +132,11 @@ present. (markt) +64771: Prevent concurrent calls to +ServletInputStream.isReady() corrupting the input buffer. +(markt) + + 65179: Ensure that the connection level flow control window from the client to the server is updated when handling DATA frames received for completed streams else the flow control window may become - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 03/04: Refactor onDataAvailable() in preparation for fixing BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 16a2315ea0a25a45bbc816f70a8c0f6e9a8bc675 Author: Mark Thomas AuthorDate: Mon Mar 22 21:51:24 2021 + Refactor onDataAvailable() in preparation for fixing BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/CoyoteAdapter.java | 2 +- java/org/apache/coyote/Request.java | 4 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index 01fd70b..71ff866 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -211,7 +211,7 @@ public class CoyoteAdapter implements Adapter { // onAllDataRead() event. Therefore, make sure // onDataAvailable() is not called in this case. if (!request.isFinished()) { -readListener.onDataAvailable(); +req.onDataAvailable(); } if (request.isFinished() && req.sendAllDataReadEvent()) { readListener.onAllDataRead(); diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 7678111..be557a6 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -215,6 +215,10 @@ public final class Request { return result.get(); } +public void onDataAvailable() throws IOException { +listener.onDataAvailable(); +} + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/04: Refactor setReadListener() in preparation for fix for BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit ea9a386aa3c3c1ce59afa4341099b960c7f74bf2 Author: Mark Thomas AuthorDate: Mon Mar 22 21:45:21 2021 + Refactor setReadListener() in preparation for fix for BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 16 java/org/apache/coyote/Request.java | 16 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 0c8118b..a69effd 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -237,22 +237,6 @@ public class InputBuffer extends Reader public void setReadListener(ReadListener listener) { coyoteRequest.setReadListener(listener); - -// The container is responsible for the first call to -// listener.onDataAvailable(). If isReady() returns true, the container -// needs to call listener.onDataAvailable() from a new thread. If -// isReady() returns false, the socket will be registered for read and -// the container will call listener.onDataAvailable() once data arrives. -// Must call isFinished() first as a call to isReady() if the request -// has been finished will register the socket for read interest and that -// is not required. -if (!coyoteRequest.isFinished() && isReady()) { -coyoteRequest.action(ActionCode.DISPATCH_READ, null); -if (!ContainerThreadMarker.isContainerThread()) { -// Not on a container thread so need to execute the dispatch -coyoteRequest.action(ActionCode.DISPATCH_EXECUTE, null); -} -} } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index e4fd4cd..7678111 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -191,6 +191,22 @@ public final class Request { } this.listener = listener; + +// The container is responsible for the first call to +// listener.onDataAvailable(). If isReady() returns true, the container +// needs to call listener.onDataAvailable() from a new thread. If +// isReady() returns false, the socket will be registered for read and +// the container will call listener.onDataAvailable() once data arrives. +// Must call isFinished() first as a call to isReady() if the request +// has been finished will register the socket for read interest and that +// is not required. +if (!isFinished() && isReady()) { +action(ActionCode.DISPATCH_READ, null); +if (!ContainerThreadMarker.isContainerThread()) { +// Not on a container thread so need to execute the dispatch +action(ActionCode.DISPATCH_EXECUTE, null); +} +} } public boolean isReady() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/04: Refactor isReady() in preparation for fix of BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit da10a0478c7affd397834797d29316ca112cc220 Author: Mark Thomas AuthorDate: Mon Mar 22 21:43:27 2021 + Refactor isReady() in preparation for fix of BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 5 + java/org/apache/coyote/Request.java | 7 +++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 6c9c6d1..0c8118b 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -27,7 +27,6 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.atomic.AtomicBoolean; import javax.servlet.ReadListener; @@ -301,9 +300,7 @@ public class InputBuffer extends Reader return true; } -AtomicBoolean result = new AtomicBoolean(); -coyoteRequest.action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +return coyoteRequest.isReady(); } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 72ca5c9..e4fd4cd 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -193,6 +193,13 @@ public final class Request { this.listener = listener; } +public boolean isReady() { +AtomicBoolean result = new AtomicBoolean(); +action(ActionCode.NB_READ_INTEREST, result); +return result.get(); +} + + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); public boolean sendAllDataReadEvent() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix BZ 64771. Support calls to SocketInputStream.isReady()
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new a9160a6 Fix BZ 64771. Support calls to SocketInputStream.isReady() a9160a6 is described below commit a9160a6cfc83adfdba18c78761ccb1b401f7b8b6 Author: Mark Thomas AuthorDate: Mon Mar 22 21:56:44 2021 + Fix BZ 64771. Support calls to SocketInputStream.isReady() Prior to this fix, concurrent calls to isReady() could corrupt the input buffer. The fix is modelled on the similar changes made for SocketOutputStream.isReady() --- java/org/apache/coyote/Request.java | 60 ++--- webapps/docs/changelog.xml | 5 2 files changed, 61 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 0fd62c3..9d609fd 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -167,7 +167,18 @@ public final class Request { */ private Exception errorException = null; +/* + * State for non-blocking output is maintained here as it is the one point + * easily reachable from the CoyoteInputStream and the CoyoteAdapter which + * both need access to state. + */ volatile ReadListener listener; +// Ensures listener is only fired after a call is isReady() +private boolean fireListener = false; +// Tracks read registration to prevent duplicate registrations +private boolean registeredForRead = false; +// Lock used to manage concurrent access to above flags +private final Object nonBlockingStateLock = new Object(); public ReadListener getReadListener() { return listener; @@ -202,6 +213,14 @@ public final class Request { // has been finished will register the socket for read interest and that // is not required. if (!isFinished() && isReady()) { +synchronized (nonBlockingStateLock) { +// Ensure we don't get multiple read registrations +registeredForRead = true; +// Need to set the fireListener flag otherwise when the +// container tries to trigger onDataAvailable, nothing will +// happen +fireListener = true; +} action(ActionCode.DISPATCH_READ, null); if (!ContainerThreadMarker.isContainerThread()) { // Not on a container thread so need to execute the dispatch @@ -211,13 +230,42 @@ public final class Request { } public boolean isReady() { -AtomicBoolean result = new AtomicBoolean(); -action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +// Assume read is not possible +boolean ready = false; +synchronized (nonBlockingStateLock) { +if (registeredForRead) { +fireListener = true; +return false; +} +ready = checkRegisterForRead(); +fireListener = !ready; +} +return ready; +} + +private boolean checkRegisterForRead() { +AtomicBoolean ready = new AtomicBoolean(false); +synchronized (nonBlockingStateLock) { +if (!registeredForRead) { +action(ActionCode.NB_READ_INTEREST, ready); +registeredForRead = !ready.get(); +} +} +return ready.get(); } public void onDataAvailable() throws IOException { -listener.onDataAvailable(); +boolean fire = false; +synchronized (nonBlockingStateLock) { +registeredForRead = false; +if (fireListener) { +fireListener = false; +fire = true; +} +} +if (fire) { +listener.onDataAvailable(); +} } @@ -728,6 +776,10 @@ public final class Request { attributes.clear(); listener = null; +synchronized (nonBlockingStateLock) { +fireListener = false; +registeredForRead = false; +} allDataReadEventSent.set(false); startTimeNanos = -1; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index b5b58d2..c6eaffe 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -132,6 +132,11 @@ present. (markt) +64771: Prevent concurrent calls to +ServletInputStream.isReady() corrupting the input buffer. +(markt) + + 65179: Ensure that the connection level flow control window from the client to the server is updated when handling DATA frames received for completed streams else the flow control window may become
[tomcat] 02/02: Refactor onDataAvailable() in preparation for fixing BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit e7019f6bbfdce78b88b82f1ed01add25290b3538 Author: Mark Thomas AuthorDate: Mon Mar 22 21:51:24 2021 + Refactor onDataAvailable() in preparation for fixing BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/CoyoteAdapter.java | 2 +- java/org/apache/coyote/Request.java | 4 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java index b39f07b..ea3dbe4 100644 --- a/java/org/apache/catalina/connector/CoyoteAdapter.java +++ b/java/org/apache/catalina/connector/CoyoteAdapter.java @@ -207,7 +207,7 @@ public class CoyoteAdapter implements Adapter { // onAllDataRead() event. Therefore, make sure // onDataAvailable() is not called in this case. if (!request.isFinished()) { -readListener.onDataAvailable(); +req.onDataAvailable(); } if (request.isFinished() && req.sendAllDataReadEvent()) { readListener.onAllDataRead(); diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 4bee2b4..0fd62c3 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -216,6 +216,10 @@ public final class Request { return result.get(); } +public void onDataAvailable() throws IOException { +listener.onDataAvailable(); +} + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Fix checkstyle nag
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 1a695b38dada9563e60d06cd32086d465bcaa2a5 Author: Mark Thomas AuthorDate: Mon Mar 22 21:49:01 2021 + Fix checkstyle nag --- java/org/apache/catalina/connector/InputBuffer.java | 1 + 1 file changed, 1 insertion(+) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index bcf0571..de306f5 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -27,6 +27,7 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; + import jakarta.servlet.ReadListener; import org.apache.catalina.security.SecurityUtil; - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (c34b60e -> e7019f6)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from c34b60e Refactor setReadListener() in preparation for fix for BZ 64771 new 1a695b3 Fix checkstyle nag new e7019f6 Refactor onDataAvailable() in preparation for fixing BZ 64771 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/catalina/connector/CoyoteAdapter.java | 2 +- java/org/apache/catalina/connector/InputBuffer.java | 1 + java/org/apache/coyote/Request.java | 4 3 files changed, 6 insertions(+), 1 deletion(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Refactor isReady() in preparation for fix of BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit b66b1f23f27ca1ac9da25e1d34f55d1bf8bb0b96 Author: Mark Thomas AuthorDate: Mon Mar 22 21:43:27 2021 + Refactor isReady() in preparation for fix of BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 6 +- java/org/apache/coyote/Request.java | 7 +++ 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 9b8ebb7..79090ee 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -27,8 +27,6 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.atomic.AtomicBoolean; - import jakarta.servlet.ReadListener; import org.apache.catalina.security.SecurityUtil; @@ -301,9 +299,7 @@ public class InputBuffer extends Reader return true; } -AtomicBoolean result = new AtomicBoolean(); -coyoteRequest.action(ActionCode.NB_READ_INTEREST, result); -return result.get(); +return coyoteRequest.isReady(); } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index 219eb5f..e30a91a 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -194,6 +194,13 @@ public final class Request { this.listener = listener; } +public boolean isReady() { +AtomicBoolean result = new AtomicBoolean(); +action(ActionCode.NB_READ_INTEREST, result); +return result.get(); +} + + private final AtomicBoolean allDataReadEventSent = new AtomicBoolean(false); public boolean sendAllDataReadEvent() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Refactor setReadListener() in preparation for fix for BZ 64771
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit c34b60e9432a34242c0ba8c1498efa0a171fba62 Author: Mark Thomas AuthorDate: Mon Mar 22 21:45:21 2021 + Refactor setReadListener() in preparation for fix for BZ 64771 https://bz.apache.org/bugzilla/show_bug.cgi?id=64771 --- java/org/apache/catalina/connector/InputBuffer.java | 16 java/org/apache/coyote/Request.java | 16 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/java/org/apache/catalina/connector/InputBuffer.java b/java/org/apache/catalina/connector/InputBuffer.java index 79090ee..bcf0571 100644 --- a/java/org/apache/catalina/connector/InputBuffer.java +++ b/java/org/apache/catalina/connector/InputBuffer.java @@ -236,22 +236,6 @@ public class InputBuffer extends Reader public void setReadListener(ReadListener listener) { coyoteRequest.setReadListener(listener); - -// The container is responsible for the first call to -// listener.onDataAvailable(). If isReady() returns true, the container -// needs to call listener.onDataAvailable() from a new thread. If -// isReady() returns false, the socket will be registered for read and -// the container will call listener.onDataAvailable() once data arrives. -// Must call isFinished() first as a call to isReady() if the request -// has been finished will register the socket for read interest and that -// is not required. -if (!coyoteRequest.isFinished() && isReady()) { -coyoteRequest.action(ActionCode.DISPATCH_READ, null); -if (!ContainerThreadMarker.isContainerThread()) { -// Not on a container thread so need to execute the dispatch -coyoteRequest.action(ActionCode.DISPATCH_EXECUTE, null); -} -} } diff --git a/java/org/apache/coyote/Request.java b/java/org/apache/coyote/Request.java index e30a91a..4bee2b4 100644 --- a/java/org/apache/coyote/Request.java +++ b/java/org/apache/coyote/Request.java @@ -192,6 +192,22 @@ public final class Request { } this.listener = listener; + +// The container is responsible for the first call to +// listener.onDataAvailable(). If isReady() returns true, the container +// needs to call listener.onDataAvailable() from a new thread. If +// isReady() returns false, the socket will be registered for read and +// the container will call listener.onDataAvailable() once data arrives. +// Must call isFinished() first as a call to isReady() if the request +// has been finished will register the socket for read interest and that +// is not required. +if (!isFinished() && isReady()) { +action(ActionCode.DISPATCH_READ, null); +if (!ContainerThreadMarker.isContainerThread()) { +// Not on a container thread so need to execute the dispatch +action(ActionCode.DISPATCH_EXECUTE, null); +} +} } public boolean isReady() { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (174fa56 -> c34b60e)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 174fa56 Better variable name. These are request headers, not response headers. new b66b1f2 Refactor isReady() in preparation for fix of BZ 64771 new c34b60e Refactor setReadListener() in preparation for fix for BZ 64771 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../org/apache/catalina/connector/InputBuffer.java | 22 + java/org/apache/coyote/Request.java| 23 ++ 2 files changed, 24 insertions(+), 21 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated (21df62a -> aabee09)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 21df62a Avoid reflection use for classloader configuration new 717707b Cosmetic clean-up. Better comments. new aabee09 Better variable name. These are request headers, not response headers. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/coyote/Response.java | 7 +-- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Better variable name. These are request headers, not response headers.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit aabee092ded7d043a61bdbee5e39209872b4ecd1 Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:44 2021 + Better variable name. These are request headers, not response headers. --- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java index 6217083..939d20d 100644 --- a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java +++ b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java @@ -126,9 +126,9 @@ public class TestNonBlockingAPI extends TomcatBaseTest { tomcat.start(); -Map> resHeaders = new HashMap<>(); +Map> reqHeaders = new HashMap<>(); int rc = postUrl(true, new DataWriter(async ? 0 : 500, async ? 200 : 5), -"http://localhost:; + getPort() + "/", new ByteChunk(), resHeaders, null); +"http://localhost:; + getPort() + "/", new ByteChunk(), reqHeaders, null); Assert.assertEquals(HttpServletResponse.SC_OK, rc); if (async) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Cosmetic clean-up. Better comments.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 717707b2e27603d9d3a27a24c0e67be727b4f0d4 Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:03 2021 + Cosmetic clean-up. Better comments. --- java/org/apache/coyote/Response.java | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/Response.java b/java/org/apache/coyote/Response.java index bd87ce9..6a6c787 100644 --- a/java/org/apache/coyote/Response.java +++ b/java/org/apache/coyote/Response.java @@ -49,9 +49,9 @@ import org.apache.tomcat.util.res.StringManager; public final class Response { private static final StringManager sm = StringManager.getManager(Response.class); - private static final Log log = LogFactory.getLog(Response.class); + // - Class Variables /** @@ -667,13 +667,16 @@ public final class Response { * need access to state. */ volatile WriteListener listener; +// Ensures listener is only fired after a call is isReady() private boolean fireListener = false; +// Tracks write registration to prevent duplicate registrations private boolean registeredForWrite = false; +// Lock used to manage concurrent access to above flags private final Object nonBlockingStateLock = new Object(); public WriteListener getWriteListener() { return listener; -} +} public void setWriteListener(WriteListener listener) { if (listener == null) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Better variable name. These are request headers, not response headers.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 57396e91e6b24ac1f61d226ba997fba9f3d76c6e Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:44 2021 + Better variable name. These are request headers, not response headers. --- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java index 9c611bc..6cbb49c 100644 --- a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java +++ b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java @@ -126,9 +126,9 @@ public class TestNonBlockingAPI extends TomcatBaseTest { tomcat.start(); -Map> resHeaders = new HashMap<>(); +Map> reqHeaders = new HashMap<>(); int rc = postUrl(true, new DataWriter(async ? 0 : 500, async ? 200 : 5), -"http://localhost:; + getPort() + "/", new ByteChunk(), resHeaders, null); +"http://localhost:; + getPort() + "/", new ByteChunk(), reqHeaders, null); Assert.assertEquals(HttpServletResponse.SC_OK, rc); if (async) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Cosmetic clean-up. Better comments.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 460f51ef3557ce842340181e9c3fa426bd6f075e Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:03 2021 + Cosmetic clean-up. Better comments. --- java/org/apache/coyote/Response.java | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/Response.java b/java/org/apache/coyote/Response.java index 20eea91..1a0f0f9 100644 --- a/java/org/apache/coyote/Response.java +++ b/java/org/apache/coyote/Response.java @@ -50,9 +50,9 @@ import org.apache.tomcat.util.res.StringManager; public final class Response { private static final StringManager sm = StringManager.getManager(Response.class); - private static final Log log = LogFactory.getLog(Response.class); + // - Class Variables /** @@ -669,13 +669,16 @@ public final class Response { * need access to state. */ volatile WriteListener listener; +// Ensures listener is only fired after a call is isReady() private boolean fireListener = false; +// Tracks write registration to prevent duplicate registrations private boolean registeredForWrite = false; +// Lock used to manage concurrent access to above flags private final Object nonBlockingStateLock = new Object(); public WriteListener getWriteListener() { return listener; -} +} public void setWriteListener(WriteListener listener) { if (listener == null) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated (f5d45ff -> 57396e9)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git. from f5d45ff Avoid reflection use for classloader configuration new 460f51e Cosmetic clean-up. Better comments. new 57396e9 Better variable name. These are request headers, not response headers. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/coyote/Response.java | 7 +-- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (5803d56 -> 174fa56)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from 5803d56 Avoid reflection use for classloader configuration new b87bb5f Cosmetic clean-up. Better comments. new 174fa56 Better variable name. These are request headers, not response headers. The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: java/org/apache/coyote/Response.java | 7 +-- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/02: Cosmetic clean-up. Better comments.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit b87bb5f4b96dc70e2421881413a9335069e416b4 Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:03 2021 + Cosmetic clean-up. Better comments. --- java/org/apache/coyote/Response.java | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/java/org/apache/coyote/Response.java b/java/org/apache/coyote/Response.java index 65fc3c7..99d3324 100644 --- a/java/org/apache/coyote/Response.java +++ b/java/org/apache/coyote/Response.java @@ -51,9 +51,9 @@ import org.apache.tomcat.util.res.StringManager; public final class Response { private static final StringManager sm = StringManager.getManager(Response.class); - private static final Log log = LogFactory.getLog(Response.class); + // - Class Variables /** @@ -686,13 +686,16 @@ public final class Response { * need access to state. */ volatile WriteListener listener; +// Ensures listener is only fired after a call is isReady() private boolean fireListener = false; +// Tracks write registration to prevent duplicate registrations private boolean registeredForWrite = false; +// Lock used to manage concurrent access to above flags private final Object nonBlockingStateLock = new Object(); public WriteListener getWriteListener() { return listener; -} +} public void setWriteListener(WriteListener listener) { if (listener == null) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 02/02: Better variable name. These are request headers, not response headers.
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 174fa5679b401bfbff11392dac01a6f662ddf700 Author: Mark Thomas AuthorDate: Mon Mar 22 16:16:44 2021 + Better variable name. These are request headers, not response headers. --- test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java index 738b2aa..a4eaddc 100644 --- a/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java +++ b/test/org/apache/catalina/nonblocking/TestNonBlockingAPI.java @@ -127,9 +127,9 @@ public class TestNonBlockingAPI extends TomcatBaseTest { tomcat.start(); -Map> resHeaders = new HashMap<>(); +Map> reqHeaders = new HashMap<>(); int rc = postUrl(true, new DataWriter(async ? 0 : 500, async ? 200 : 5), -"http://localhost:; + getPort() + "/", new ByteChunk(), resHeaders, null); +"http://localhost:; + getPort() + "/", new ByteChunk(), reqHeaders, null); Assert.assertEquals(HttpServletResponse.SC_OK, rc); if (async) { - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Reproducible builds
пн, 22 мар. 2021 г. в 17:32, Mark Thomas : > > On 22/03/2021 13:16, Konstantin Kolinko wrote: > > сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg : > > >> I got a quick look, I guess you replaced the tasks with to > >> make the timestamp of the zip entries reproducible? I'm not sure this is > >> sufficient, there is no guarantee the order of the entries will be the > >> same (this is usually dependent on the filesystem used, I don't think > >> Ant sorts the entries). > > > > I have not reviewed the changes, but jar and zip differ in > > a) placement of Manifest file (jar spec requires it to be the first > > file in the archive IIRC) > > b) encoding used for file names (jar uses UTF-8, zip uses platform default) > > I couldn't find a reference to a requirement regarding the location of > MANIFEST. Do you have a reference? I do not see with quick search in current spec [1], but I see it mentioned and discussed here: [2] https://en.wikipedia.org/wiki/JAR_(file_format)#Manifest [3] https://stackoverflow.com/questions/4727637/how-do-i-verify-the-order-of-manifest-mf-within-jar [1] https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Reproducible builds
On 22/03/2021 13:16, Konstantin Kolinko wrote: сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg : 2. The current Windows exe signing process isn't repeatable. There are a few suggestions workarounds at https://reproducible-builds.org/ and I need to discuss these with the provider of the code signing service the ASF uses (DigiCert). The signature is reproducible but not the timestamp. We'd need something like a detached signature shipped with the source package, and a build that either append the signature or get a new one from DigiCert. There are two signed executables: installer and uninstaller, and uninstaller is packed into the installer executable. That's why the installer is built twice by build.xml, first to create an uninstaller so that it could be signed. (IIRC) A timestamp is an important part of a signature (so that one does not create a new signature with an expired key). The suggested workaround would be something like: - build - sign the .exe - extract the signature and save it somewhere - rebuild - insert the saved signature If the build is reproducible, the rebuild will be identical and the inserted signature will be valid. I got a quick look, I guess you replaced the tasks with to make the timestamp of the zip entries reproducible? I'm not sure this is sufficient, there is no guarantee the order of the entries will be the same (this is usually dependent on the filesystem used, I don't think Ant sorts the entries). I have not reviewed the changes, but jar and zip differ in a) placement of Manifest file (jar spec requires it to be the first file in the archive IIRC) b) encoding used for file names (jar uses UTF-8, zip uses platform default) I couldn't find a reference to a requirement regarding the location of MANIFEST. Do you have a reference? File name encoding should be a non issue as all the Tomcat files have ASCII names. пн, 22 мар. 2021 г. в 12:44, Mark Thomas : No. The Jar entries used the timestamps of the original files. As long as the Jar task was configured not to add entries for directories (which used the current time as the last modified date) that part was OK. The issue was that the manifest was always created with the current time as the last modified date. Those entries for directories are required for some tools to operate correctly. I think that we already turned them off once and turned them back on. (I think it was annotation scanning in some old version of Spring Framework that was broken by missing directories, but I do not have a link - just from memory.) A link would be good so we can review exactly what the problem is/was. I know that Apache Maven is capable of creating reproducible builds (by setting an explicit timestamp when building). [1] Looking at "maven-core-3.3.9.jar" as an example, it has entries for directories, If the jar task does not do what is needed for us, it is better to ask Apache Ant project for a fix (so that other projects can benefit from it as well) rather than replace "jar" with "zip". Big +1. I've already opened an issue with Bnd. I'll add doing the same with Ant to my TODO list. I have no problem reverting any of the reproducible build changes if they cause problems. I too suspect that the jar -> zip change is the most likely to trigger issues. Mark [1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Reproducible builds
сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg : > > 2. The current Windows exe signing process isn't repeatable. There are a > > few suggestions workarounds at https://reproducible-builds.org/ and I > > need to discuss these with the provider of the code signing service the > > ASF uses (DigiCert). > > The signature is reproducible but not the timestamp. We'd need something > like a detached signature shipped with the source package, and a build > that either append the signature or get a new one from DigiCert. There are two signed executables: installer and uninstaller, and uninstaller is packed into the installer executable. That's why the installer is built twice by build.xml, first to create an uninstaller so that it could be signed. (IIRC) A timestamp is an important part of a signature (so that one does not create a new signature with an expired key). > > I got a quick look, I guess you replaced the tasks with to > make the timestamp of the zip entries reproducible? I'm not sure this is > sufficient, there is no guarantee the order of the entries will be the > same (this is usually dependent on the filesystem used, I don't think > Ant sorts the entries). I have not reviewed the changes, but jar and zip differ in a) placement of Manifest file (jar spec requires it to be the first file in the archive IIRC) b) encoding used for file names (jar uses UTF-8, zip uses platform default) пн, 22 мар. 2021 г. в 12:44, Mark Thomas : > > No. The Jar entries used the timestamps of the original files. As long > as the Jar task was configured not to add entries for directories (which > used the current time as the last modified date) that part was OK. The > issue was that the manifest was always created with the current time as > the last modified date. Those entries for directories are required for some tools to operate correctly. I think that we already turned them off once and turned them back on. (I think it was annotation scanning in some old version of Spring Framework that was broken by missing directories, but I do not have a link - just from memory.) I know that Apache Maven is capable of creating reproducible builds (by setting an explicit timestamp when building). [1] Looking at "maven-core-3.3.9.jar" as an example, it has entries for directories, If the jar task does not do what is needed for us, it is better to ask Apache Ant project for a fix (so that other projects can benefit from it as well) rather than replace "jar" with "zip". [1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher commented on pull request #414: don't log undesired warnings for webapp classloader configuration
rmaucher commented on pull request #414: URL: https://github.com/apache/tomcat/pull/414#issuecomment-804012002 I added the simple reflection free version, so the properties now need WebappCLBase and we'll see what happens. I didn't merge the test since it's quite obvious when there's no reflection and heuristic, but you can add it if you'd like. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] rmaucher closed pull request #414: don't log undesired warnings for webapp classloader configuration
rmaucher closed pull request #414: URL: https://github.com/apache/tomcat/pull/414 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Avoid reflection use for classloader configuration
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 21df62a Avoid reflection use for classloader configuration 21df62a is described below commit 21df62a390e6dc8e07ca600c9b98d11abe1cedac Author: remm AuthorDate: Mon Mar 22 12:52:47 2021 +0100 Avoid reflection use for classloader configuration This makes the leak related properties depend on the use of a classloader that extends WebappClassLoaderBase, but this is quite obvious this would be the case as it seems insane to reimplement this. In line with removing reflection abuse elsewhere. In turn, this avoids useless scary logging when using an alternate classloader in embedded or similar. Based on a patch submitted by Romain Manni-Bucau. --- .../apache/catalina/core/LocalStrings.properties | 1 - java/org/apache/catalina/core/StandardContext.java | 22 ++ webapps/docs/changelog.xml | 4 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings.properties b/java/org/apache/catalina/core/LocalStrings.properties index 2332b7d..6c294cf 100644 --- a/java/org/apache/catalina/core/LocalStrings.properties +++ b/java/org/apache/catalina/core/LocalStrings.properties @@ -209,7 +209,6 @@ standardContext.stop.asyncWaitInterrupted=Interrupt received while waiting unloa standardContext.stoppingContext=Exception stopping Context with name [{0}] standardContext.threadBindingListenerError=An error occurred in the thread binding listener configured for Context [{0}] standardContext.urlPattern.patternWarning=WARNING: URL pattern [{0}] must start with a ''/'' in Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Unable to set the web application class loader property [{0}] to [{1}] as the property does not exist. standardContext.workCreateException=Failed to determine absolute work directory from directory [{0}] and CATALINA_HOME [{1}] for context [{2}] standardContext.workCreateFail=Failed to create work directory [{0}] for context [{1}] standardContext.workPath=Exception obtaining work path for context [{0}] diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index c213797..5ede9c5 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -100,6 +100,7 @@ import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.Wrapper; import org.apache.catalina.deploy.NamingResourcesImpl; +import org.apache.catalina.loader.WebappClassLoaderBase; import org.apache.catalina.loader.WebappLoader; import org.apache.catalina.session.StandardManager; import org.apache.catalina.util.CharsetMapper; @@ -5019,18 +5020,15 @@ public class StandardContext extends ContainerBase // since the loader just started, the webapp classloader is now // created. -setClassLoaderProperty("clearReferencesRmiTargets", -getClearReferencesRmiTargets()); -setClassLoaderProperty("clearReferencesStopThreads", -getClearReferencesStopThreads()); -setClassLoaderProperty("clearReferencesStopTimerThreads", -getClearReferencesStopTimerThreads()); - setClassLoaderProperty("clearReferencesHttpClientKeepAliveThread", -getClearReferencesHttpClientKeepAliveThread()); - setClassLoaderProperty("clearReferencesObjectStreamClassCaches", -getClearReferencesObjectStreamClassCaches()); -setClassLoaderProperty("clearReferencesThreadLocals", -getClearReferencesThreadLocals()); +if (loader.getClassLoader() instanceof WebappClassLoaderBase) { +WebappClassLoaderBase cl = (WebappClassLoaderBase) loader.getClassLoader(); + cl.setClearReferencesRmiTargets(getClearReferencesRmiTargets()); + cl.setClearReferencesStopThreads(getClearReferencesStopThreads()); + cl.setClearReferencesStopTimerThreads(getClearReferencesStopTimerThreads()); + cl.setClearReferencesHttpClientKeepAliveThread(getClearReferencesHttpClientKeepAliveThread()); + cl.setClearReferencesObjectStreamClassCaches(getClearReferencesObjectStreamClassCaches()); + cl.setClearReferencesThreadLocals(getClearReferencesThreadLocals()); +} // By calling unbindThread and bindThread in a row, we setup the // current Thread CCL to be the webapp classloader diff --git
Re: [tomcat] branch master updated: Avoid reflection use for classloader configuration
On Mon, Mar 22, 2021 at 12:53 PM wrote: > - > setClassLoaderProperty("clearReferencesObjectStreamClassCaches", > -getClearReferencesObjectStreamClassCaches()); > - > setClassLoaderProperty("clearReferencesObjectStreamClassCaches", > -getClearReferencesObjectStreamClassCaches()); > > When writing this change, I noticed this. So I don't understand what happened here, especially since the duplication is not in 8.5. Rémy
[tomcat] branch 9.0.x updated: Avoid reflection use for classloader configuration
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new f5d45ff Avoid reflection use for classloader configuration f5d45ff is described below commit f5d45ff84e8c032eb5aa64d8fbb35ca69f12bf91 Author: remm AuthorDate: Mon Mar 22 12:52:47 2021 +0100 Avoid reflection use for classloader configuration This makes the leak related properties depend on the use of a classloader that extends WebappClassLoaderBase, but this is quite obvious this would be the case as it seems insane to reimplement this. In line with removing reflection abuse elsewhere. In turn, this avoids useless scary logging when using an alternate classloader in embedded or similar. Based on a patch submitted by Romain Manni-Bucau. --- .../apache/catalina/core/LocalStrings.properties | 1 - java/org/apache/catalina/core/StandardContext.java | 35 +++--- webapps/docs/changelog.xml | 4 +++ 3 files changed, 14 insertions(+), 26 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings.properties b/java/org/apache/catalina/core/LocalStrings.properties index 0b3bbd2..3b45537 100644 --- a/java/org/apache/catalina/core/LocalStrings.properties +++ b/java/org/apache/catalina/core/LocalStrings.properties @@ -231,7 +231,6 @@ standardContext.stoppingContext=Exception stopping Context with name [{0}] standardContext.suspiciousUrl=Suspicious URL pattern: [{0}] in context [{1}], see sections 12.1 and 12.2 of the Servlet specification standardContext.threadBindingListenerError=An error occurred in the thread binding listener configured for Context [{0}] standardContext.urlPattern.patternWarning=WARNING: URL pattern [{0}] must start with a ''/'' in Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Unable to set the web application class loader property [{0}] to [{1}] as the property does not exist. standardContext.workCreateException=Failed to determine absolute work directory from directory [{0}] and CATALINA_HOME [{1}] for context [{2}] standardContext.workCreateFail=Failed to create work directory [{0}] for context [{1}] standardContext.workPath=Exception obtaining work path for context [{0}] diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index 5518690..bf612c2 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -99,6 +99,7 @@ import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.Wrapper; import org.apache.catalina.deploy.NamingResourcesImpl; +import org.apache.catalina.loader.WebappClassLoaderBase; import org.apache.catalina.loader.WebappLoader; import org.apache.catalina.session.StandardManager; import org.apache.catalina.util.CharsetMapper; @@ -114,7 +115,6 @@ import org.apache.tomcat.InstanceManager; import org.apache.tomcat.InstanceManagerBindings; import org.apache.tomcat.JarScanner; import org.apache.tomcat.util.ExceptionUtils; -import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.buf.StringUtils; import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.descriptor.XmlIdentifiers; @@ -5030,20 +5030,15 @@ public class StandardContext extends ContainerBase // since the loader just started, the webapp classloader is now // created. -setClassLoaderProperty("clearReferencesRmiTargets", -getClearReferencesRmiTargets()); -setClassLoaderProperty("clearReferencesStopThreads", -getClearReferencesStopThreads()); -setClassLoaderProperty("clearReferencesStopTimerThreads", -getClearReferencesStopTimerThreads()); - setClassLoaderProperty("clearReferencesHttpClientKeepAliveThread", -getClearReferencesHttpClientKeepAliveThread()); - setClassLoaderProperty("clearReferencesObjectStreamClassCaches", -getClearReferencesObjectStreamClassCaches()); - setClassLoaderProperty("clearReferencesObjectStreamClassCaches", -getClearReferencesObjectStreamClassCaches()); -setClassLoaderProperty("clearReferencesThreadLocals", -getClearReferencesThreadLocals()); +if (loader.getClassLoader() instanceof WebappClassLoaderBase) { +WebappClassLoaderBase cl = (WebappClassLoaderBase) loader.getClassLoader(); + cl.setClearReferencesRmiTargets(getClearReferencesRmiTargets()); + cl.setClearReferencesStopThreads(getClearReferencesStopThreads()); +
[tomcat] branch master updated: Avoid reflection use for classloader configuration
This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/master by this push: new 5803d56 Avoid reflection use for classloader configuration 5803d56 is described below commit 5803d56dac2261a5b65680fb1d250135b20175ee Author: remm AuthorDate: Mon Mar 22 12:52:47 2021 +0100 Avoid reflection use for classloader configuration This makes the leak related properties depend on the use of a classloader that extends WebappClassLoaderBase, but this is quite obvious this would be the case as it seems insane to reimplement this. In line with removing reflection abuse elsewhere. In turn, this avoids useless scary logging when using an alternate classloader in embedded or similar. Based on a patch submitted by Romain Manni-Bucau. --- .../apache/catalina/core/LocalStrings.properties | 1 - java/org/apache/catalina/core/StandardContext.java | 35 +++--- webapps/docs/changelog.xml | 4 +++ 3 files changed, 14 insertions(+), 26 deletions(-) diff --git a/java/org/apache/catalina/core/LocalStrings.properties b/java/org/apache/catalina/core/LocalStrings.properties index bcc97e2..e3cabcb 100644 --- a/java/org/apache/catalina/core/LocalStrings.properties +++ b/java/org/apache/catalina/core/LocalStrings.properties @@ -230,7 +230,6 @@ standardContext.stoppingContext=Exception stopping Context with name [{0}] standardContext.suspiciousUrl=Suspicious URL pattern: [{0}] in context [{1}], see sections 12.1 and 12.2 of the Servlet specification standardContext.threadBindingListenerError=An error occurred in the thread binding listener configured for Context [{0}] standardContext.urlPattern.patternWarning=WARNING: URL pattern [{0}] must start with a ''/'' in Servlet 2.4 -standardContext.webappClassLoader.missingProperty=Unable to set the web application class loader property [{0}] to [{1}] as the property does not exist. standardContext.workCreateException=Failed to determine absolute work directory from directory [{0}] and CATALINA_HOME [{1}] for context [{2}] standardContext.workCreateFail=Failed to create work directory [{0}] for context [{1}] standardContext.workPath=Exception obtaining work path for context [{0}] diff --git a/java/org/apache/catalina/core/StandardContext.java b/java/org/apache/catalina/core/StandardContext.java index fd9c35a..4256193 100644 --- a/java/org/apache/catalina/core/StandardContext.java +++ b/java/org/apache/catalina/core/StandardContext.java @@ -100,6 +100,7 @@ import org.apache.catalina.WebResource; import org.apache.catalina.WebResourceRoot; import org.apache.catalina.Wrapper; import org.apache.catalina.deploy.NamingResourcesImpl; +import org.apache.catalina.loader.WebappClassLoaderBase; import org.apache.catalina.loader.WebappLoader; import org.apache.catalina.session.StandardManager; import org.apache.catalina.util.CharsetMapper; @@ -115,7 +116,6 @@ import org.apache.tomcat.InstanceManager; import org.apache.tomcat.InstanceManagerBindings; import org.apache.tomcat.JarScanner; import org.apache.tomcat.util.ExceptionUtils; -import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.buf.StringUtils; import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.descriptor.XmlIdentifiers; @@ -4979,20 +4979,15 @@ public class StandardContext extends ContainerBase // since the loader just started, the webapp classloader is now // created. -setClassLoaderProperty("clearReferencesRmiTargets", -getClearReferencesRmiTargets()); -setClassLoaderProperty("clearReferencesStopThreads", -getClearReferencesStopThreads()); -setClassLoaderProperty("clearReferencesStopTimerThreads", -getClearReferencesStopTimerThreads()); - setClassLoaderProperty("clearReferencesHttpClientKeepAliveThread", -getClearReferencesHttpClientKeepAliveThread()); - setClassLoaderProperty("clearReferencesObjectStreamClassCaches", -getClearReferencesObjectStreamClassCaches()); - setClassLoaderProperty("clearReferencesObjectStreamClassCaches", -getClearReferencesObjectStreamClassCaches()); -setClassLoaderProperty("clearReferencesThreadLocals", -getClearReferencesThreadLocals()); +if (loader.getClassLoader() instanceof WebappClassLoaderBase) { +WebappClassLoaderBase cl = (WebappClassLoaderBase) loader.getClassLoader(); + cl.setClearReferencesRmiTargets(getClearReferencesRmiTargets()); + cl.setClearReferencesStopThreads(getClearReferencesStopThreads());
Re: Reproducible builds
On 20/03/2021 15:24, Emmanuel Bourg wrote: Le 19/03/2021 à 16:39, Mark Thomas a écrit : Over the last few days I have been looking at making the Tomcat builds (more) reproducible. I have currently reached the stage where sequential builds on my local machine produce identical output. That's a great idea. There are several caveats 1. Some of the embedded JARs can vary between runs due to a Bnd issue. That has been reported to the Bnd project and should be fixed shortly. In Debian the Tomcat package is mostly reproducible, the only difference is in the OSGi metadata and the Require-Capability field [1]. Is this the Bnd issue you are referring to ? Yes. The Bnd team also think they may need to normalize Provide-Capability as well. 2. The current Windows exe signing process isn't repeatable. There are a few suggestions workarounds at https://reproducible-builds.org/ and I need to discuss these with the provider of the code signing service the ASF uses (DigiCert). The signature is reproducible but not the timestamp. We'd need something like a detached signature shipped with the source package, and a build that either append the signature or get a new one from DigiCert. Indeed. I'll discuss the options here with DigiCert and report back. I have a series of commits where each commit addresses a specific issue. I got a quick look, I guess you replaced the tasks with to make the timestamp of the zip entries reproducible? No. The Jar entries used the timestamps of the original files. As long as the Jar task was configured not to add entries for directories (which used the current time as the last modified date) that part was OK. The issue was that the manifest was always created with the current time as the last modified date. I'm not sure this is sufficient, there is no guarantee the order of the entries will be the same (this is usually dependent on the filesystem used, I don't think Ant sorts the entries). I haven't hit this issue yet. I suspect I will, or something similar, when I start testing with different platforms. In Debian there is a tool (strip-nondeterminism) post-processing the jar files and fixing the possible variations (entries order, timestamps), we'll probably need something similar. Potentially. There isn't any particular deadline for this so we can take the time to get things fixed in upstream Bnd, Ant, etc. Mark Emmanuel Bourg [1] https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/tomcat9.html - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org