svn commit: r1799126 - in /tomcat/trunk: java/org/apache/catalina/util/SessionIdGeneratorBase.java webapps/docs/changelog.xml

Sun, 18 Jun 2017 12:53:08 -0700 

Author: markt
Date: Sun Jun 18 19:52:44 2017
New Revision: 1799126

URL: http://svn.apache.org/viewvc?rev=1799126&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=61180
Log a warning message rather than an information message if it takes more than 
100ms to initialised a SecureRandom instance for a web application to use to 
generate session identifiers.
Patch provided by Piotr Chlebda.
This closes #64

Modified:
    tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java?rev=1799126&r1=1799125&r2=1799126&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/util/SessionIdGeneratorBase.java Sun 
Jun 18 19:52:44 2017
@@ -268,10 +268,11 @@ public abstract class SessionIdGenerator
         // Force seeding to take place
         result.nextInt();
 
-        long t2=System.currentTimeMillis();
-        if( (t2-t1) > 100 )
-            log.info(sm.getString("sessionIdGeneratorBase.createRandom",
-                    result.getAlgorithm(), Long.valueOf(t2-t1)));
+        long t2 = System.currentTimeMillis();
+        if ((t2 - t1) > 100) {
+            log.warn(sm.getString("sessionIdGeneratorBase.createRandom",
+                    result.getAlgorithm(), Long.valueOf(t2 - t1)));
+        }
         return result;
     }
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1799126&r1=1799125&r2=1799126&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Jun 18 19:52:44 2017
@@ -114,6 +114,12 @@
         by Tetradeus. (violetagg)
       </add>
       <fix>
+        <bug>61180</bug>: Log a warning message rather than an information
+        message if it takes more than 100ms to initialised a
+        <code>SecureRandom</code> instance for a web application to use to
+        generate session identifiers. Patch provided by Piotr Chlebda. (markt)
+      </fix>
+      <fix>
         <bug>61185</bug>: When an asynchronous request is dispatched via
         <code>AsyncContext.dispatch()</code> ensure that
         <code>getRequestURI()</code> for the dispatched request matches that of



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to