Author: markt
Date: Mon Dec 21 11:13:38 2009
New Revision: 892764
URL: http://svn.apache.org/viewvc?rev=892764&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47744
Prevent medium term memory leak if using SSL under a security manager
Based on a patch by Greg Vanore
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Dec 21 11:13:38 2009
@@ -1,2 +1,2 @@
/tomcat:883362
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,77
0876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883146,883177,883362,883565,884341,885038,885991,886019,888072,889363,889716,890139,890265,890349,890417,891185-891187,891583,892198,892415
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,666232,673796,673820,677910,683969,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,713953,714002,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758249,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,77
0876,772872,776921,776924,776935,776945,777464,777466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,789389,790405,791041,791184,791194,791224,791243,791326,791328,791789,792740,793372,793757,793882,793981,794082,794673,794822,795043,795152,795210,795457,795466,797168,797425,797596,797607,802727,802940,804462,804544,804734,805153,809131,809603,810916,810977,812125,812137,812432,813001,813013,813866,814180,814708,814876,815972,816252,817442,817822,819339,819361,820110,820132,820874,820954,821397,828196,828201,828210,828225,828759,830378-830379,830999,831106,831774,831785,831828,831850,831860,832218,833121,833545,834047,835036,835336,836405,881396,881412,883130,883146,883177,883362,883565,884341,885038,885991,886019,888072,889363,889716,890139,890265,890349-890350,890417,891185-891187,891583,892198,8924
15
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=892764&r1=892763&r2=892764&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Dec 21 11:13:38 2009
@@ -305,13 +305,6 @@
+1: markt, rjung
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47744
- Prevent medium term memory leak if using SSL under a security manager
- Based on a patch by Greg Vanore
- http://svn.apache.org/viewvc?rev=890350&view=rev
- +1: markt, rjung, kkolinko
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47774
Ensure web application class loader is used when calling session listeners
http://svn.apache.org/viewvc?rev=890530&view=rev
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESupport.java?rev=892764&r1=892763&r2=892764&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
Mon Dec 21 11:13:38 2009
@@ -23,6 +23,8 @@
import java.net.SocketException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
+import java.util.Map;
+import java.util.WeakHashMap;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
@@ -52,6 +54,9 @@
private static org.apache.juli.logging.Log log =
org.apache.juli.logging.LogFactory.getLog(JSSESupport.class);
+
+ private static final Map<SSLSession,Integer> keySizeCache =
+ new WeakHashMap<SSLSession, Integer>();
protected SSLSocket ssl;
protected SSLSession session;
@@ -195,7 +200,12 @@
SSLSupport.CipherData c_aux[]=ciphers;
if (session == null)
return null;
- Integer keySize = (Integer) session.getValue(KEY_SIZE_KEY);
+
+ Integer keySize = null;
+ synchronized(keySizeCache) {
+ keySize = keySizeCache.get(session);
+ }
+
if (keySize == null) {
int size = 0;
String cipherSuite = session.getCipherSuite();
@@ -206,7 +216,9 @@
}
}
keySize = new Integer(size);
- session.putValue(KEY_SIZE_KEY, keySize);
+ synchronized(keySizeCache) {
+ keySizeCache.put(session, keySize);
+ }
}
return keySize;
}
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=892764&r1=892763&r2=892764&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Dec 21 11:13:38 2009
@@ -378,6 +378,11 @@
<bug>47499</bug>: Don't swallow bind exceptions. (markt)
</fix>
<fix>
+ <bug>47744</bug>: Prevent a medium term memory leak if using SSl with
+ the JSSE provider and also using a security manager. Based on a patch
by
+ Greg Vanore. (markt)
+ </fix>
+ <fix>
<bug>47987</bug>: Limit size of not found resources cache. (markt)
</fix>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
