manager.xml

markt Sat, 27 Nov 2010 03:42:49 -0800

Author: markt
Date: Sat Nov 27 11:41:10 2010
New Revision: 1039657

URL: http://svn.apache.org/viewvc?rev=1039657&view=rev
Log:
Drop the entropy attribute. SecureRandom has a sufficiently secure self-seeding 
mechanism.


Modified:
    tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java
    tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/config/manager.xml

Modified: tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java?rev=1039657&r1=1039656&r2=1039657&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java Sat Nov 27 
11:41:10 2010
@@ -28,7 +28,6 @@ import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.lang.reflect.Method;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.SecureRandom;
@@ -55,11 +54,9 @@ import org.apache.catalina.LifecycleExce
 import org.apache.catalina.Manager;
 import org.apache.catalina.Session;
 import org.apache.catalina.mbeans.MBeanUtils;
-import org.apache.catalina.util.Base64;
 import org.apache.catalina.util.LifecycleMBeanBase;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.res.StringManager;
 
 
@@ -100,13 +97,6 @@ public abstract class ManagerBase extend
 
 
     /**
-     * A String initialization parameter used to increase the entropy of
-     * the initialization of our random number generator.
-     */
-    protected String entropy = null;
-
-
-    /**
      * The descriptive information string for this implementation.
      */
     private static final String info = "ManagerBase/1.0";
@@ -339,58 +329,6 @@ public abstract class ManagerBase extend
 
 
     /**
-     * Return the entropy increaser value, or compute a semi-useful value
-     * if this String has not yet been set.
-     */
-    public String getEntropy() {
-
-        // Calculate a semi-useful value if this has not been set
-        if (this.entropy == null) {
-            // Use APR to get a crypto secure entropy value
-            byte[] result = new byte[32];
-            boolean apr = false;
-            try {
-                String methodName = "random";
-                Class<?> paramTypes[] = new Class[2];
-                paramTypes[0] = result.getClass();
-                paramTypes[1] = int.class;
-                Object paramValues[] = new Object[2];
-                paramValues[0] = result;
-                paramValues[1] = Integer.valueOf(32);
-                Method method = Class.forName("org.apache.tomcat.jni.OS")
-                    .getMethod(methodName, paramTypes);
-                method.invoke(null, paramValues);
-                apr = true;
-            } catch (Throwable t) {
-                ExceptionUtils.handleThrowable(t);
-            }
-            if (apr) {
-                setEntropy(Base64.encode(result));
-            } else {
-                setEntropy(this.toString());
-            }
-        }
-
-        return (this.entropy);
-
-    }
-
-
-    /**
-     * Set the entropy increaser value.
-     *
-     * @param entropy The new entropy increaser value
-     */
-    public void setEntropy(String entropy) {
-
-        String oldEntropy = entropy;
-        this.entropy = entropy;
-        support.firePropertyChange("entropy", oldEntropy, this.entropy);
-
-    }
-
-
-    /**
      * Return descriptive information about this Manager implementation and
      * the corresponding version number, in the format
      * <code>&lt;description&gt;/&lt;version&gt;</code>.
@@ -619,11 +557,6 @@ public abstract class ManagerBase extend
 
         long seed = System.currentTimeMillis();
         long t1 = seed;
-        char entropy[] = getEntropy().toCharArray();
-        for (int i = 0; i < entropy.length; i++) {
-            long update = ((byte) entropy[i]) << ((i % 8) * 8);
-            seed ^= update;
-        }
 
         // Construct and seed a new random number generator
         SecureRandom result = new SecureRandom();

Modified: tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml?rev=1039657&r1=1039656&r2=1039657&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml 
(original)
+++ tomcat/trunk/java/org/apache/catalina/session/mbeans-descriptors.xml Sat 
Nov 27 11:41:10 2010
@@ -42,12 +42,6 @@
           description="Number of duplicated session ids generated"
                  type="int" />
 
-    <attribute   name="entropy"
-          description="A String initialization parameter used to increase the
-                       entropy of the initialization of our random number
-                       generator"
-                 type="java.lang.String"/>
-                 
     <attribute   name="expiredSessions"
           description="Number of sessions that expired ( doesn't include 
explicit invalidations )"
                  type="long" />
@@ -235,12 +229,6 @@
           description="Number of duplicated session ids generated"
                  type="int" />
 
-    <attribute   name="entropy"
-          description="A String initialization parameter used to increase the
-                       entropy of the initialization of our random number
-                       generator"
-                 type="java.lang.String"/>
-                 
     <attribute   name="expiredSessions"
           description="Number of sessions that expired ( doesn't include 
explicit invalidations )"
                  type="long" />

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1039657&r1=1039656&r2=1039657&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sat Nov 27 11:41:10 2010
@@ -54,6 +54,10 @@
         <bug>50106</bug>: Correct several MBean descriptors. Patch provided by
         Eiji Takahashi. (markt)
       </fix>
+      <update>
+        Further performance improvements to session ID generation. Remove 
legacy
+        configuration options that are no longer required.
+      </update>
     </changelog>
   </subsection>
   <subsection name="Coyote">

Modified: tomcat/trunk/webapps/docs/config/manager.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/manager.xml?rev=1039657&r1=1039656&r2=1039657&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/manager.xml (original)
+++ tomcat/trunk/webapps/docs/config/manager.xml Sat Nov 27 11:41:10 2010
@@ -99,14 +99,6 @@
 
     <attributes>
 
-      <attribute name="entropy" required="false">
-        <p>A String value that is utilized when seeding the random number
-        generator used to create session identifiers for this Manager.
-        If not specified, a semi-useful value is calculated, but a long
-        String value should be specified in security-conscious
-        environments.</p>
-      </attribute>
-
       <attribute name="maxActiveSessions" required="false">
         <p>The maximum number of active sessions that will be created by
         this Manager, or -1 (the default) for no limit.</p>



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1039657 - in /tomcat/trunk: java/org/apache/catalina/session/ManagerBase.java java/org/apache/catalina/session/mbeans-descriptors.xml webapps/docs/changelog.xml webapps/docs/config/manager.xml

Reply via email to