Author: markt
Date: Fri Aug 12 08:36:08 2016
New Revision: 1756124
URL: http://svn.apache.org/viewvc?rev=1756124&view=rev
Log:
Further changes to align ActionCode implementations
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/coyote/ActionCode.java
tomcat/tc8.5.x/trunk/java/org/apache/coyote/ErrorState.java
tomcat/tc8.5.x/trunk/java/org/apache/coyote/Request.java
tomcat/tc8.5.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/StreamProcessor.java
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/buf/MessageBytes.java
Propchange: tomcat/tc8.5.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Aug 12 08:36:08 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756089
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747536,1747
924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756098
Modified: tomcat/tc8.5.x/trunk/java/org/apache/coyote/ActionCode.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/ActionCode.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/ActionCode.java (original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/ActionCode.java Fri Aug 12
08:36:08 2016
@@ -71,13 +71,14 @@ public enum ActionCode {
REQ_HOST_ADDR_ATTRIBUTE,
/**
- * Callback for lazy evaluation - extract the SSL-related attributes.
+ * Callback for lazy evaluation - extract the SSL-related attributes
+ * including the client certificate if present.
*/
REQ_SSL_ATTRIBUTE,
/**
- * Callback for lazy evaluation - extract the SSL-certificate (including
- * forcing a re-handshake if necessary)
+ * Force a TLS re-handshake and make the resulting client certificate (if
+ * any) available as a request attribute.
*/
REQ_SSL_CERTIFICATE,
Modified: tomcat/tc8.5.x/trunk/java/org/apache/coyote/ErrorState.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/ErrorState.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/ErrorState.java (original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/ErrorState.java Fri Aug 12
08:36:08 2016
@@ -27,7 +27,8 @@ public enum ErrorState {
* The current request/response is in an error state and while it is safe
to
* complete the current response it is not safe to continue to use the
* existing connection which must be closed once the response has been
- * completed.
+ * completed. For multiplexed protocols, the channel must be closed when
the
+ * current request/response completes but the connection may continue.
*/
CLOSE_CLEAN(true, 1, true, true),
Modified: tomcat/tc8.5.x/trunk/java/org/apache/coyote/Request.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/Request.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/Request.java (original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/Request.java Fri Aug 12
08:36:08 2016
@@ -575,8 +575,11 @@ public final class Request {
headers.recycle();
serverNameMB.recycle();
serverPort=-1;
+ localAddrMB.recycle();
localNameMB.recycle();
localPort = -1;
+ remoteAddrMB.recycle();
+ remoteHostMB.recycle();
remotePort = -1;
available = 0;
sendfile = true;
Modified: tomcat/tc8.5.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Fri Aug
12 08:36:08 2016
@@ -408,106 +408,62 @@ public class AjpProcessor extends Abstra
}
case CLOSE_NOW: {
// Prevent further writes to the response
- swallowResponse = true;
+ setSwallowResponse();
setErrorState(ErrorState.CLOSE_NOW, null);
break;
}
case DISABLE_SWALLOW_INPUT: {
- // TODO: Do not swallow request input but
- // make sure we are closing the connection
+ // Aborted upload or similar.
+ // No point reading the remainder of the request.
+ disableSwallowRequest();
+ // This is an error state. Make sure it is marked as such.
setErrorState(ErrorState.CLOSE_CLEAN, null);
break;
}
// Request attribute support
case REQ_HOST_ADDR_ATTRIBUTE: {
- // NO-OP
- // Automatically populated during prepareRequest()
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.remoteAddr().setString(socketWrapper.getRemoteAddr());
+ }
break;
}
case REQ_HOST_ATTRIBUTE: {
- // Get remote host name using a DNS resolution
- if (request.remoteHost().isNull()) {
- try {
- request.remoteHost().setString(InetAddress.getByName
- (request.remoteAddr().toString()).getHostName());
- } catch (IOException iex) {
- // Ignore
- }
- }
+ populateRequestAttributeRemoteHost();
break;
}
case REQ_LOCALPORT_ATTRIBUTE: {
- // NO-OP
- // Automatically populated during prepareRequest()
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.setLocalPort(socketWrapper.getLocalPort());
+ }
break;
}
case REQ_LOCAL_ADDR_ATTRIBUTE: {
- // Automatically populated during prepareRequest() when using
- // modern AJP forwarder, otherwise copy from local name
- if (request.localAddr().isNull()) {
- request.localAddr().setString(request.localName().toString());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.localAddr().setString(socketWrapper.getLocalAddr());
}
break;
}
case REQ_LOCAL_NAME_ATTRIBUTE: {
- // NO-OP
- // Automatically populated during prepareRequest()
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.localName().setString(socketWrapper.getLocalName());
+ }
break;
}
case REQ_REMOTEPORT_ATTRIBUTE: {
- // NO-OP
- // Automatically populated during prepareRequest() when using
- // modern AJP forwarder, otherwise not available
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.setRemotePort(socketWrapper.getRemotePort());
+ }
break;
}
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- if (!certificates.isNull()) {
- ByteChunk certData = certificates.getByteChunk();
- X509Certificate jsseCerts[] = null;
- ByteArrayInputStream bais =
- new ByteArrayInputStream(certData.getBytes(),
- certData.getStart(),
- certData.getLength());
- // Fill the elements.
- try {
- CertificateFactory cf;
- String clientCertProvider = getClientCertProvider();
- if (clientCertProvider == null) {
- cf = CertificateFactory.getInstance("X.509");
- } else {
- cf = CertificateFactory.getInstance("X.509",
- clientCertProvider);
- }
- while(bais.available() > 0) {
- X509Certificate cert = (X509Certificate)
- cf.generateCertificate(bais);
- if(jsseCerts == null) {
- jsseCerts = new X509Certificate[1];
- jsseCerts[0] = cert;
- } else {
- X509Certificate [] temp = new
X509Certificate[jsseCerts.length+1];
-
System.arraycopy(jsseCerts,0,temp,0,jsseCerts.length);
- temp[jsseCerts.length] = cert;
- jsseCerts = temp;
- }
- }
- } catch (java.security.cert.CertificateException e) {
- getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
- return;
- } catch (NoSuchProviderException e) {
- getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
- return;
- }
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, jsseCerts);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
- // NO-OP. Can't force a new SSL handshake with the client when
using
- // AJP as the reverse proxy controls that connection.
+ sslReHandShake();
break;
}
@@ -1468,6 +1424,89 @@ public class AjpProcessor extends Abstra
}
+ private void setSwallowResponse() {
+ swallowResponse = true;
+ }
+
+
+ private void disableSwallowRequest() {
+ /* NO-OP
+ * With AJP, Tomcat controls when the client sends request body data.
At
+ * most there will be a single packet to read and that will be handled
+ * in finishResponse().
+ */
+ }
+
+
+ private boolean getPopulateRequestAttributesFromSocket() {
+ // NO-OPs the attribute requests since they are pre-populated when
+ // parsing the first AJP message.
+ return false;
+ }
+
+
+ private void populateRequestAttributeRemoteHost() {
+ // Get remote host name using a DNS resolution
+ if (request.remoteHost().isNull()) {
+ try {
+ request.remoteHost().setString(InetAddress.getByName
+ (request.remoteAddr().toString()).getHostName());
+ } catch (IOException iex) {
+ // Ignore
+ }
+ }
+ }
+
+
+ private void populateSslRequestAttributes() {
+ if (!certificates.isNull()) {
+ ByteChunk certData = certificates.getByteChunk();
+ X509Certificate jsseCerts[] = null;
+ ByteArrayInputStream bais =
+ new ByteArrayInputStream(certData.getBytes(),
+ certData.getStart(),
+ certData.getLength());
+ // Fill the elements.
+ try {
+ CertificateFactory cf;
+ String clientCertProvider = getClientCertProvider();
+ if (clientCertProvider == null) {
+ cf = CertificateFactory.getInstance("X.509");
+ } else {
+ cf = CertificateFactory.getInstance("X.509",
+ clientCertProvider);
+ }
+ while(bais.available() > 0) {
+ X509Certificate cert = (X509Certificate)
+ cf.generateCertificate(bais);
+ if(jsseCerts == null) {
+ jsseCerts = new X509Certificate[1];
+ jsseCerts[0] = cert;
+ } else {
+ X509Certificate [] temp = new
X509Certificate[jsseCerts.length+1];
+ System.arraycopy(jsseCerts,0,temp,0,jsseCerts.length);
+ temp[jsseCerts.length] = cert;
+ jsseCerts = temp;
+ }
+ }
+ } catch (java.security.cert.CertificateException e) {
+ getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
+ return;
+ } catch (NoSuchProviderException e) {
+ getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
+ return;
+ }
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, jsseCerts);
+ }
+ }
+
+
+ private void sslReHandShake() {
+ // NO-OP. Can't force a new SSL handshake with the client when using
+ // AJP as the reverse proxy controls that connection.
+ }
+
+
/**
* Read at least the specified amount of bytes, and place them
* in the input buffer. Note that if any data is available to read then
this
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/Http11Processor.java
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri
Aug 12 08:36:08 2016
@@ -700,64 +700,51 @@ public class Http11Processor extends Abs
break;
}
case CLOSE_NOW: {
- // Block further output
- outputBuffer.responseFinished = true;
+ // Prevent further writes to the response
+ setSwallowResponse();
setErrorState(ErrorState.CLOSE_NOW, null);
break;
}
case DISABLE_SWALLOW_INPUT: {
- // Do not swallow request input and make sure we are closing the
- // connection
+ // Aborted upload or similar.
+ // No point reading the remainder of the request.
+ disableSwallowRequest();
+ // This is an error state. Make sure it is marked as such.
setErrorState(ErrorState.CLOSE_CLEAN, null);
- inputBuffer.setSwallowInput(false);
break;
}
// Request attribute support
case REQ_HOST_ADDR_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.remoteAddr().recycle();
- } else {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
request.remoteAddr().setString(socketWrapper.getRemoteAddr());
}
break;
}
case REQ_HOST_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.remoteHost().recycle();
- } else {
- request.remoteHost().setString(socketWrapper.getRemoteHost());
- }
+ populateRequestAttributeRemoteHost();
break;
}
case REQ_LOCALPORT_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.setLocalPort(0);
- } else {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
request.setLocalPort(socketWrapper.getLocalPort());
}
break;
}
case REQ_LOCAL_ADDR_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.localAddr().recycle();
- } else {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
request.localAddr().setString(socketWrapper.getLocalAddr());
}
break;
}
case REQ_LOCAL_NAME_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.localName().recycle();
- } else {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
request.localName().setString(socketWrapper.getLocalName());
}
break;
}
case REQ_REMOTEPORT_ATTRIBUTE: {
- if (socketWrapper == null) {
- request.setRemotePort(0);
- } else {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
request.setRemotePort(socketWrapper.getRemotePort());
}
break;
@@ -765,59 +752,11 @@ public class Http11Processor extends Abs
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- if (sslO != null) {
- request.setAttribute
- (SSLSupport.CIPHER_SUITE_KEY, sslO);
- }
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute
- (SSLSupport.CERTIFICATE_KEY, sslO);
- }
- sslO = sslSupport.getKeySize();
- if (sslO != null) {
- request.setAttribute
- (SSLSupport.KEY_SIZE_KEY, sslO);
- }
- sslO = sslSupport.getSessionId();
- if (sslO != null) {
- request.setAttribute
- (SSLSupport.SESSION_ID_KEY, sslO);
- }
- sslO = sslSupport.getProtocol();
- if (sslO != null) {
- request.setAttribute
- (SSLSupport.PROTOCOL_VERSION_KEY, sslO);
- }
- request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
- }
- } catch (Exception e) {
- log.warn(sm.getString("http11processor.socket.ssl"), e);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
- if (sslSupport != null) {
- // Consume and buffer the request body, so that it does not
- // interfere with the client's handshake messages
- InputFilter[] inputFilters = inputBuffer.getFilters();
- ((BufferedInputFilter)
inputFilters[Constants.BUFFERED_FILTER]).setLimit(
- maxSavePostSize);
-
inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
-
- try {
- socketWrapper.doClientAuth(sslSupport);
- Object sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- } catch (IOException ioe) {
- log.warn(sm.getString("http11processor.socket.ssl"), ioe);
- }
- }
+ sslReHandShake();
break;
}
@@ -1816,6 +1755,81 @@ public class Http11Processor extends Abs
}
+ private void setSwallowResponse() {
+ outputBuffer.responseFinished = true;
+ }
+
+
+ private void disableSwallowRequest() {
+ inputBuffer.setSwallowInput(false);
+ }
+
+
+ private boolean getPopulateRequestAttributesFromSocket() {
+ return true;
+ }
+
+
+ private void populateRequestAttributeRemoteHost() {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper != null)
{
+ request.remoteHost().setString(socketWrapper.getRemoteHost());
+ }
+ }
+
+
+ private void populateSslRequestAttributes() {
+ try {
+ if (sslSupport != null) {
+ Object sslO = sslSupport.getCipherSuite();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CIPHER_SUITE_KEY, sslO);
+ }
+ sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ sslO = sslSupport.getKeySize();
+ if (sslO != null) {
+ request.setAttribute (SSLSupport.KEY_SIZE_KEY, sslO);
+ }
+ sslO = sslSupport.getSessionId();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
+ }
+ sslO = sslSupport.getProtocol();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
+ }
+ request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
+ }
+ } catch (Exception e) {
+ log.warn(sm.getString("http11processor.socket.ssl"), e);
+ }
+ }
+
+
+ private void sslReHandShake() {
+ if (sslSupport != null) {
+ // Consume and buffer the request body, so that it does not
+ // interfere with the client's handshake messages
+ InputFilter[] inputFilters = inputBuffer.getFilters();
+ ((BufferedInputFilter)
inputFilters[Constants.BUFFERED_FILTER]).setLimit(
+ maxSavePostSize);
+
inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
+
+ try {
+ socketWrapper.doClientAuth(sslSupport);
+ Object sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ } catch (IOException ioe) {
+ log.warn(sm.getString("http11processor.socket.ssl"), ioe);
+ }
+ }
+ }
+
+
/**
* Checks to see if the keep-alive loop should be broken, performing any
* processing (e.g. sendfile handling) that may have an impact on whether
Modified: tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/StreamProcessor.java
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/coyote/http2/StreamProcessor.java Fri
Aug 12 08:36:08 2016
@@ -154,91 +154,63 @@ public class StreamProcessor extends Abs
break;
}
case CLOSE_NOW: {
- // No need to block further output. This is called by the error
- // reporting valve if the response is already committed. It will
- // flush any remaining response data before this call.
- // Setting the error state will then cause this stream to be reset.
+ // Prevent further writes to the response
+ setSwallowResponse();
setErrorState(ErrorState.CLOSE_NOW, null);
break;
}
case DISABLE_SWALLOW_INPUT: {
- // NO-OP
- // HTTP/2 has to swallow any input received to ensure that the flow
- // control windows are correctly tracked.
+ // Aborted upload or similar.
+ // No point reading the remainder of the request.
+ disableSwallowRequest();
+ // This is an error state. Make sure it is marked as such.
+ setErrorState(ErrorState.CLOSE_CLEAN, null);
break;
}
// Request attribute support
case REQ_HOST_ADDR_ATTRIBUTE: {
- request.remoteAddr().setString(socketWrapper.getRemoteAddr());
+ populateRequestAttributeRemoteHost();
break;
}
case REQ_HOST_ATTRIBUTE: {
- request.remoteHost().setString(socketWrapper.getRemoteHost());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.remoteHost().setString(socketWrapper.getRemoteHost());
+ }
break;
}
case REQ_LOCALPORT_ATTRIBUTE: {
- request.setLocalPort(socketWrapper.getLocalPort());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.setLocalPort(socketWrapper.getLocalPort());
+ }
break;
}
case REQ_LOCAL_ADDR_ATTRIBUTE: {
- request.localAddr().setString(socketWrapper.getLocalAddr());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.localAddr().setString(socketWrapper.getLocalAddr());
+ }
break;
}
case REQ_LOCAL_NAME_ATTRIBUTE: {
- request.localName().setString(socketWrapper.getLocalName());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.localName().setString(socketWrapper.getLocalName());
+ }
break;
}
case REQ_REMOTEPORT_ATTRIBUTE: {
- request.setRemotePort(socketWrapper.getRemotePort());
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper !=
null) {
+ request.setRemotePort(socketWrapper.getRemotePort());
+ }
break;
}
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CIPHER_SUITE_KEY,
sslO);
- }
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- sslO = sslSupport.getKeySize();
- if (sslO != null) {
- request.setAttribute(SSLSupport.KEY_SIZE_KEY, sslO);
- }
- sslO = sslSupport.getSessionId();
- if (sslO != null) {
- request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
- }
- sslO = sslSupport.getProtocol();
- if (sslO != null) {
- request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
- }
- request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
- }
- } catch (Exception e) {
- log.warn(sm.getString("streamProcessor.ssl.error"), e);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
- // No re-negotiation support in HTTP/2. Either the certificate is
- // available or it isn't.
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- }
- } catch (Exception e) {
- log.warn(sm.getString("streamProcessor.ssl.error"), e);
- }
+ sslReHandShake();
break;
}
@@ -409,6 +381,66 @@ public class StreamProcessor extends Abs
}
+ private void setSwallowResponse() {
+ // NO-OP
+ }
+
+
+ private void disableSwallowRequest() {
+ // NO-OP
+ // HTTP/2 has to swallow any input received to ensure that the flow
+ // control windows are correctly tracked.
+ }
+
+
+ private boolean getPopulateRequestAttributesFromSocket() {
+ return true;
+ }
+
+
+ private void populateRequestAttributeRemoteHost() {
+ if (getPopulateRequestAttributesFromSocket() && socketWrapper != null)
{
+ request.remoteHost().setString(socketWrapper.getRemoteHost());
+ }
+ }
+
+
+ private void populateSslRequestAttributes() {
+ try {
+ if (sslSupport != null) {
+ Object sslO = sslSupport.getCipherSuite();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CIPHER_SUITE_KEY, sslO);
+ }
+ sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ sslO = sslSupport.getKeySize();
+ if (sslO != null) {
+ request.setAttribute (SSLSupport.KEY_SIZE_KEY, sslO);
+ }
+ sslO = sslSupport.getSessionId();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
+ }
+ sslO = sslSupport.getProtocol();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
+ }
+ request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
+ }
+ } catch (Exception e) {
+ log.warn(sm.getString("http11processor.socket.ssl"), e);
+ }
+ }
+
+
+ private void sslReHandShake() {
+ // No re-negotiation support in HTTP/2.
+ }
+
+
@Override
public void recycle() {
// StreamProcessor instances are not re-used.
Modified: tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/buf/MessageBytes.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/buf/MessageBytes.java?rev=1756124&r1=1756123&r2=1756124&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/buf/MessageBytes.java
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/buf/MessageBytes.java Fri
Aug 12 08:36:08 2016
@@ -82,9 +82,7 @@ public final class MessageBytes implemen
}
public boolean isNull() {
- // should we check also hasStrValue ???
return byteC.isNull() && charC.isNull() && ! hasStrValue;
- // bytes==null && strValue==null;
}
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
