Author: markt
Date: Thu Jun 4 14:25:14 2009
New Revision: 781751
URL: http://svn.apache.org/viewvc?rev=781751&view=rev
Log: (empty)
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java
tomcat/container/tc5.5.x/catalina/src/share/org/apache/naming/resources/FileDirContext.java
tomcat/container/tc5.5.x/webapps/docs/changelog.xml
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java?rev=781751&r1=781750&r2=781751&view=diff
==============================================================================
---
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java
(original)
+++
tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java
Thu Jun 4 14:25:14 2009
@@ -19,6 +19,7 @@
package org.apache.catalina.servlets;
+import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
@@ -432,7 +433,7 @@
Node propNode = null;
- if (req.getInputStream().available() >0) {
+ if (req.getContentLength() >0) {
DocumentBuilder documentBuilder = getDocumentBuilder();
try {
@@ -463,8 +464,9 @@
}
}
} catch(Exception e) {
- // Something went wrong - use the defaults.
- // TODO : Enhance that !
+ // Something went wrong - bad request
+ resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ return;
}
}
@@ -700,7 +702,7 @@
return;
}
- if (req.getInputStream().available() > 0) {
+ if (req.getContentLength() > 0) {
DocumentBuilder documentBuilder = getDocumentBuilder();
try {
Document document = documentBuilder.parse
@@ -711,7 +713,7 @@
} catch(SAXException saxe) {
// Parse error - assume invalid content
- resp.sendError(WebdavStatus.SC_BAD_REQUEST);
+ resp.sendError(WebdavStatus.SC_UNSUPPORTED_MEDIA_TYPE);
return;
}
}
@@ -1678,12 +1680,23 @@
path, destinationPath);
if ((!result) || (!errorList.isEmpty())) {
-
- sendReport(req, resp, errorList);
+ if (errorList.size() == 1) {
+ resp.sendError(((Integer)errorList.elements().nextElement())
+ .intValue());
+ } else {
+ sendReport(req, resp, errorList);
+ }
return false;
}
+ // Copy was successful
+ if (exists) {
+ resp.setStatus(WebdavStatus.SC_NO_CONTENT);
+ } else {
+ resp.setStatus(WebdavStatus.SC_CREATED);
+ }
+
// Removing any lock-null resource which would be present at
// the destination path
lockNullResources.remove(destinationPath);
@@ -1750,9 +1763,15 @@
try {
resources.bind(dest, object);
} catch (NamingException e) {
- errorList.put
- (source,
- new Integer(WebdavStatus.SC_INTERNAL_SERVER_ERROR));
+ if (e.getCause() instanceof FileNotFoundException) {
+ // We know the source exists so it must be the
+ // destination dir that can't be found
+ errorList.put(source,
+ new Integer(WebdavStatus.SC_CONFLICT));
+ } else {
+ errorList.put(source,
+ new
Integer(WebdavStatus.SC_INTERNAL_SERVER_ERROR));
+ }
return false;
}
} else {
Modified:
tomcat/container/tc5.5.x/catalina/src/share/org/apache/naming/resources/FileDirContext.java
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/naming/resources/FileDirContext.java?rev=781751&r1=781750&r2=781751&view=diff
==============================================================================
---
tomcat/container/tc5.5.x/catalina/src/share/org/apache/naming/resources/FileDirContext.java
(original)
+++
tomcat/container/tc5.5.x/catalina/src/share/org/apache/naming/resources/FileDirContext.java
Thu Jun 4 14:25:14 2009
@@ -580,8 +580,10 @@
is.close();
}
} catch (IOException e) {
- throw new NamingException
- (sm.getString("resources.bindFailed", e));
+ NamingException ne = new NamingException
+ (sm.getString("resources.bindFailed", e));
+ ne.initCause(e);
+ throw ne;
}
}
Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=781751&r1=781750&r2=781751&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Thu Jun 4 14:25:14 2009
@@ -128,6 +128,10 @@
that allowed user enumeration when using FORM authentication. This is
CVE-2009-0580. (markt)
</fix>
+ <fix>
+ Fix various WebDAV compliance issues identified by the Litmus test
+ suite. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
