Author: kkolinko
Date: Mon Feb 4 21:26:36 2013
New Revision: 1442371
URL: http://svn.apache.org/viewvc?rev=1442371&view=rev
Log:
Catching up with tc6.0.x/trunk
Merged revisions 1420001-1440000 from tc6.0.x/trunk.
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/ (props changed)
tomcat/tc6.0.x/branches/tomcat6-testing/NOTICE
tomcat/tc6.0.x/branches/tomcat6-testing/RUNNING.txt
tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt
tomcat/tc6.0.x/branches/tomcat6-testing/bin/setclasspath.sh
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/ApplicationFilterConfig.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/StandardWrapper.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/Constants.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/HTMLManagerServlet.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/host/Constants.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/coyote/http11/Http11AprProtocol.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/jni/SSL.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/res/LocalStrings.properties
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/deployment.xml
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/introduction.xml
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/apr.xml
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/setup.xml
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/tribes/tomcat-docs.xsl
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionsList.jsp
Propchange: tomcat/tc6.0.x/branches/tomcat6-testing/
------------------------------------------------------------------------------
Merged
/tomcat/trunk:r1041892,1043983,1049264,1371283,1430481,1430567,1435606,1435636,1435642,1439054
Merged /tomcat/tc7.0.x/trunk:r1371298,1371302,1371620
Merged /tomcat/tc6.0.x/trunk:r1420001-1440000
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/NOTICE
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/NOTICE?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/NOTICE (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/NOTICE Mon Feb 4 21:26:36 2013
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2012 The Apache Software Foundation
+Copyright 1999-2013 The Apache Software Foundation
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/RUNNING.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/RUNNING.txt?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/RUNNING.txt (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/RUNNING.txt Mon Feb 4 21:26:36 2013
@@ -75,34 +75,41 @@ to prepare the command that starts Tomca
(3.1) Set CATALINA_HOME (required) and CATALINA_BASE (optional)
-The CATALINA_HOME and CATALINA_BASE environment variables are used to
-specify the location of Apache Tomcat and the location of its active
-configuration, respectively.
-
-The CATALINA_HOME environment variable should be set as defined in (2.2)
-above. The Tomcat startup scripts have some logic to set this variable
-automatically if it is absent (based on the location of the script in
-Unixes and on the current directory in Windows), but this logic might not work
-in all circumstances.
-
-The CATALINA_BASE environment variable is optional and is further described
-in the "Multiple Tomcat Instances" section below. If it is absent, it defaults
-to be equal to CATALINA_HOME.
+The CATALINA_HOME environment variable should be set to the location of the
+root directory of the "binary" distribution of Tomcat.
+
+An example was given in (2.2) above.
+
+The Tomcat startup scripts have some logic to set this variable
+automatically if it is absent, based on the location of the startup script
+in *nix and on the current directory in Windows. That logic might not work
+in all circumstances, so setting the variable explicitly is recommended.
+
+The CATALINA_BASE environment variable specifies location of the root
+directory of the "active configuration" of Tomcat. It is optional. It
+defaults to be equal to CATALINA_HOME.
+
+Using distinct values for the CATALINA_HOME and CATALINA_BASE variables is
+recommended to simplify further upgrades and maintenance. It is documented
+in the "Multiple Tomcat Instances" section below.
(3.2) Set JRE_HOME or JAVA_HOME (required)
-The JRE_HOME variable is used to specify location of a JRE that is used to
-start Tomcat.
+These variables are used to specify location of a Java Runtime
+Environment or of a Java Development Kit that is used to start Tomcat.
-The JAVA_HOME variable is used to specify location of a JDK. It is used instead
-of JRE_HOME.
+The JRE_HOME variable is used to specify location of a JRE. The JAVA_HOME
+variable is used to specify location of a JDK.
Using JAVA_HOME provides access to certain additional startup options that
are not allowed when JRE_HOME is used.
If both JRE_HOME and JAVA_HOME are specified, JRE_HOME is used.
+The recommended place to specify these variables is a "setenv" script. See
+below.
+
(3.3) Other variables (optional)
@@ -123,32 +130,31 @@ A similar variable is JAVA_OPTS. It is u
specification of options that are used both to start and to stop Tomcat as well
as for other commands.
-Do not use JAVA_OPTS to specify memory limits. You do not need much memory
-for a small process that is used to stop Tomcat. Those settings belong to
-CATALINA_OPTS.
-
-Another frequently used variable is CATALINA_PID (on *nix platforms only). It
-specifies the location of the file where process id of the forked Tomcat java
-process will be written. This setting is optional. It will enable the
+Note: Do not use JAVA_OPTS to specify memory limits. You do not need much
+memory for a small process that is used to stop Tomcat. Those settings
+belong to CATALINA_OPTS.
+
+Another frequently used variable is CATALINA_PID (on *nix only). It
+specifies the location of the file where process id of the forked Tomcat
+java process will be written. This setting is optional. It will enable the
following features:
- - better protection against duplicate start attempts and
- - allows forceful termination of Tomcat process when it does not react to
- the standard shutdown command.
+ * better protection against duplicate start attempts and
+ * allows forceful termination of Tomcat process when it does not react to
+ the standard shutdown command.
-(3.4) setenv script (optional)
+(3.4) Using the "setenv" script (optional, recommended)
Apart from CATALINA_HOME and CATALINA_BASE, all environment variables can
-be specified in the "setenv" script.
-
-The script is named setenv.bat (Windows) or setenv.sh (*nix). It can be
-placed either into CATALINA_BASE/bin or into CATALINA_HOME/bin. The file
-has to be readable.
-
-By default the setenv script file is absent. If the setenv script is
-present both in CATALINA_BASE and in CATALINA_HOME, the one in
-CATALINA_BASE is used.
+be specified in the "setenv" script. The script is placed either into
+CATALINA_BASE/bin or into CATALINA_HOME/bin directory and is named
+setenv.bat (on Windows) or setenv.sh (on *nix). The file has to be
+readable.
+
+By default the setenv script file is absent. If the script file is present
+both in CATALINA_BASE and in CATALINA_HOME, the one in CATALINA_BASE is
+preferred.
For example, to configure the JRE_HOME and CATALINA_PID variables you can
create the following script file:
@@ -158,28 +164,40 @@ On Windows, %CATALINA_BASE%\bin\setenv.b
set "JRE_HOME=%ProgramFiles%\Java\jre6"
exit /b 0
-On Unix, $CATALINA_BASE/bin/setenv.sh:
+On *nix, $CATALINA_BASE/bin/setenv.sh:
JRE_HOME=/usr/java/latest
CATALINA_PID="$CATALINA_BASE/tomcat.pid"
-You cannot configure CATALINA_HOME and CATALINA_BASE variables in the
-setenv script, because they are used to find that file.
+
+The CATALINA_HOME and CATALINA_BASE variables cannot be configured in the
+setenv script, because they are used to locate that file.
+
+All the environment variables described here and the "setenv" script are
+used only if you use the standard scripts to launch Tomcat. For example, if
+you have installed Tomcat as a service on Windows, the service wrapper
+launches Java directly and does not use the script files.
(4) Start Up Tomcat
(4.1) Tomcat can be started by executing one of the following commands:
- %CATALINA_HOME%\bin\startup.bat (Windows)
+ On Windows:
- $CATALINA_HOME/bin/startup.sh (Unix)
+ %CATALINA_HOME%\bin\startup.bat
- or
+ or
- %CATALINA_HOME%\bin\catalina.bat start (Windows)
+ %CATALINA_HOME%\bin\catalina.bat start
- $CATALINA_HOME/bin/catalina.sh start (Unix)
+ On *nix:
+
+ $CATALINA_HOME/bin/startup.sh
+
+ or
+
+ $CATALINA_HOME/bin/catalina.sh start
(4.2) After startup, the default web applications included with Tomcat will be
available by visiting:
@@ -196,15 +214,21 @@ setenv script, because they are used to
(5.1) Tomcat can be shut down by executing one of the following commands:
- %CATALINA_HOME%\bin\shutdown.bat (Windows)
+ On Windows:
+
+ %CATALINA_HOME%\bin\shutdown.bat
+
+ or
+
+ %CATALINA_HOME%\bin\catalina.bat stop
- $CATALINA_HOME/bin/shutdown.sh (Unix)
+ On *nix:
- or
+ $CATALINA_HOME/bin/shutdown.sh
- %CATALINA_HOME%\bin\catalina.bat stop (Windows)
+ or
- $CATALINA_HOME/bin/catalina.sh stop (Unix)
+ $CATALINA_HOME/bin/catalina.sh stop
==================================================
Advanced Configuration - Multiple Tomcat Instances
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/STATUS.txt Mon Feb 4 21:26:36 2013
@@ -56,17 +56,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, schultz
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481
- Add support for SSLHonorCipherOrder
- http://svn.apache.org/viewvc?view=revision&revision=1371298
- http://svn.apache.org/viewvc?view=revision&revision=1371302 (rolls-back
inadvertent addition of TOMCAT-NEXT.txt)
- http://svn.apache.org/viewvc?view=revision&revision=1371620 (tab -> spaces)
- +1: schultz, kkolinko, jfclere
- -1:
- -- Note that a bug has been found in the feature to backport which
- requires an update to tcnative:
- https://issues.apache.org/bugzilla/show_bug.cgi?id=53969
-
* Chunked encoding improvements
http://people.apache.org/~markt/patches/2012-10-19-chunked-encoding-tc6.patch
+1: markt, kkolinko
@@ -76,14 +65,14 @@ PATCHES PROPOSED TO BACKPORT:
Make sure getMembers() returns available member when TcpFailureDetector works
in static cluster.
http://svn.apache.org/viewvc?view=revision&revision=1402110
- +1: kfujino, kkolinko
+ +1: kfujino, kkolinko, markt
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54080
"Comma related bug in org.apache.catalina.valves.RemoteIpValve"
Documentation-only patch:
https://issues.apache.org/bugzilla/attachment.cgi?id=29545
- +1: schultz
+ +1: schultz, markt
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54044
@@ -91,9 +80,37 @@ PATCHES PROPOSED TO BACKPORT:
that meant entries could be made with an earlier timestamp than the true
timestamp.
(The test was added to tomcat6-testing branch in r1408453)
http://svn.apache.org/viewvc?view=revision&revision=1408459
- +1: kkolinko
+ +1: kkolinko, markt
+ -1:
+
+* Improve method cache handling in SecurityUtil class.
+ Add caching for Comet methods and simplify cache lookup code.
+ It is backport of r728776 (BZ 46304) and r1429360
+
http://people.apache.org/~kkolinko/patches/2013-01-05_tc6_46304_SecurityUtil.patch
+ +1: kkolinko, schultz
-1:
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54248
+ Need to reset the decoder when the B2C converter is recycled to ensure BOMs
+ are correctly handled for those encodings that require them.
+ http://svn.apache.org/viewvc?rev=1430083&view=rev
+ +1: markt, kkolinko, schultz
+ -1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54382
+ Avoid NPE with an empty SSI directive
+ http://svn.apache.org/viewvc?view=revision&revision=1430553
+ (r1430550 in trunk)
+ +1: kkolinko, markt
+ -1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54324
+ Allow APR connector to disable TLS compression when OpenSSL supports it.
+ http://svn.apache.org/viewvc?view=revision&revision=1434887
+ http://svn.apache.org/viewvc?view=revision&revision=1435769 - Javadoc fix
+ (r1434882 r1435767 in trunk)
+ +1: schultz
+ -1:
PATCHES/ISSUES THAT ARE STALLED
@@ -112,21 +129,5 @@ PATCHES/ISSUES THAT ARE STALLED
We can stall this item until we get some feedback about 7.0.5.
markt - r1172614 needs to be included in this proposal. With that patch,
my testing shows that the unloading works as designed
+ kkolinko - r1428358 (r1428355) is needed - a fix for BZ 54260.
-1:
-
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52918
- Add WebSocket support to Tomcat 6
- +1: fhanik
- -0: jfclere
- -0: kkolinko:
- - Interesting, but I do not think there is much interest in it.
- If one needs this feature I would suggest to upgrade to Tomcat 7.
- If one cannot upgrade to Tomcat 7 then they probably cannot
- upgrade to a later Tomcat 6 either.
- - The protocol specification still evolves. I think it is too risky
- to implement websockets for Tomcat 6.
- - Formally, the proposal does not have a link to the patch.
- - The patch in Bugzilla does not include latest changes from Tomcat 7.
E.g.
- http://svn.apache.org/viewvc?view=revision&revision=1380841
- (Is one supposed to just copy the current version of websocket
- package from Tomcat 7 here?)
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/bin/setclasspath.sh
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/bin/setclasspath.sh?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/bin/setclasspath.sh (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/bin/setclasspath.sh Mon Feb 4
21:26:36 2013
@@ -23,9 +23,12 @@
# Make sure prerequisite environment variables are set
if [ -z "$JAVA_HOME" -a -z "$JRE_HOME" ]; then
- # Bugzilla 37284 (reviewed).
if $darwin; then
- if [ -d
"/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home" ]; then
+ # Bugzilla 54390
+ if [ -x '/usr/libexec/java_home' ] ; then
+ export JAVA_HOME=`/usr/libexec/java_home`
+ # Bugzilla 37284 (reviewed).
+ elif [ -d
"/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home" ]; then
export
JAVA_HOME="/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home"
fi
else
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/ApplicationFilterConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/ApplicationFilterConfig.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/ApplicationFilterConfig.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/ApplicationFilterConfig.java
Mon Feb 4 21:26:36 2013
@@ -351,8 +351,9 @@ public final class ApplicationFilterConf
SecurityUtil.doAsPrivilege("destroy", filter);
} catch(java.lang.Exception ex){
context.getLogger().error("ApplicationFilterConfig.doAsPrivilege", ex);
+ } finally {
+ SecurityUtil.remove(filter);
}
- SecurityUtil.remove(filter);
} else {
filter.destroy();
}
@@ -401,8 +402,9 @@ public final class ApplicationFilterConf
SecurityUtil.doAsPrivilege("destroy", filter);
} catch(java.lang.Exception ex){
context.getLogger().error("ApplicationFilterConfig.doAsPrivilege", ex);
+ } finally {
+ SecurityUtil.remove(filter);
}
- SecurityUtil.remove(filter);
} else {
filter.destroy();
}
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/StandardWrapper.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/StandardWrapper.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/StandardWrapper.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/core/StandardWrapper.java
Mon Feb 4 21:26:36 2013
@@ -1195,13 +1195,20 @@ public class StandardWrapper
servlet);
if( Globals.IS_SECURITY_ENABLED) {
-
- Object[] args = new Object[]{((ServletConfig)facade)};
- SecurityUtil.doAsPrivilege("init",
- servlet,
- classType,
- args);
- args = null;
+ boolean success = false;
+ try {
+ Object[] args = new Object[]{ facade };
+ SecurityUtil.doAsPrivilege("init",
+ servlet,
+ classType,
+ args);
+ success = true;
+ } finally {
+ if (!success) {
+ // destroy() will not be called, thus clear the
reference now
+ SecurityUtil.remove(servlet);
+ }
+ }
} else {
servlet.init(facade);
}
@@ -1429,9 +1436,12 @@ public class StandardWrapper
(InstanceEvent.BEFORE_DESTROY_EVENT, instance);
if( Globals.IS_SECURITY_ENABLED) {
- SecurityUtil.doAsPrivilege("destroy",
- instance);
- SecurityUtil.remove(instance);
+ try {
+ SecurityUtil.doAsPrivilege("destroy",
+ instance);
+ } finally {
+ SecurityUtil.remove(instance);
+ }
} else {
instance.destroy();
}
@@ -1477,8 +1487,11 @@ public class StandardWrapper
while (!instancePool.isEmpty()) {
Servlet s = (Servlet) instancePool.pop();
if (Globals.IS_SECURITY_ENABLED) {
- SecurityUtil.doAsPrivilege("destroy", s);
- SecurityUtil.remove(instance);
+ try {
+ SecurityUtil.doAsPrivilege("destroy", s);
+ } finally {
+ SecurityUtil.remove(s);
+ }
} else {
s.destroy();
}
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/Constants.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/Constants.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/Constants.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/Constants.java
Mon Feb 4 21:26:36 2013
@@ -182,7 +182,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"<hr size=\"1\" noshade=\"noshade\">\n" +
"<center><font size=\"-1\" color=\"#525D76\">\n" +
- " <em>Copyright © 1999-2012, Apache Software Foundation</em>" +
+ " <em>Copyright © 1999-2013, Apache Software Foundation</em>" +
"</font></center>\n" +
"\n" +
"</body>\n" +
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/HTMLManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/HTMLManagerServlet.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/HTMLManagerServlet.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/HTMLManagerServlet.java
Mon Feb 4 21:26:36 2013
@@ -676,7 +676,7 @@ public final class HTMLManagerServlet ex
* @see javax.servlet.Servlet#getServletInfo()
*/
public String getServletInfo() {
- return "HTMLManagerServlet, Copyright (c) 1999-2012, The Apache
Software Foundation";
+ return "HTMLManagerServlet, Copyright (c) 1999-2013, The Apache
Software Foundation";
}
/**
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/host/Constants.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/host/Constants.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/host/Constants.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/catalina/manager/host/Constants.java
Mon Feb 4 21:26:36 2013
@@ -186,7 +186,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"<hr size=\"1\" noshade=\"noshade\">\n" +
"<center><font size=\"-1\" color=\"#525D76\">\n" +
- " <em>Copyright © 1999-2012, Apache Software Foundation</em>" +
+ " <em>Copyright © 1999-2013, Apache Software Foundation</em>" +
"</font></center>\n" +
"\n" +
"</body>\n" +
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/coyote/http11/Http11AprProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/coyote/http11/Http11AprProtocol.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/coyote/http11/Http11AprProtocol.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/coyote/http11/Http11AprProtocol.java
Mon Feb 4 21:26:36 2013
@@ -416,6 +416,17 @@ public class Http11AprProtocol extends A
/**
+ * SSL honor cipher order.
+ *
+ * Set to <code>true</code> to enforce the <i>server's</i> cipher order
+ * instead of the default which is to allow the client to choose a
+ * preferred cipher.
+ */
+ public boolean getSSLHonorCipherOrder() { return
((AprEndpoint)endpoint).getSSLHonorCipherOrder(); }
+ public void setSSLHonorCipherOrder(boolean SSLHonorCipherOrder) {
((AprEndpoint)endpoint).setSSLHonorCipherOrder(SSLHonorCipherOrder); }
+
+
+ /**
* SSL certificate file.
*/
public String getSSLCertificateFile() { return
endpoint.getSSLCertificateFile(); }
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/jni/SSL.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/jni/SSL.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/jni/SSL.java
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/jni/SSL.java
Mon Feb 4 21:26:36 2013
@@ -332,4 +332,13 @@ public final class SSL {
* Return last SSL error string
*/
public static native String getLastError();
+
+ /**
+ * Return true if all the requested SSL_OP_* are supported by OpenSSL.
+ *
+ * @param Bitwise-OR of all SSL_OP_* to test.
+ *
+ * @return true if all SSL_OP_* are supported by OpenSSL library.
+ */
+ public static native boolean hasOp(int op);
}
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/AprEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/AprEndpoint.java
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/AprEndpoint.java
Mon Feb 4 21:26:36 2013
@@ -519,6 +519,14 @@ public class AprEndpoint extends Abstrac
// --------------------------------------------------------- Public Methods
+ protected boolean SSLHonorCipherOrder = false;
+ /**
+ * Set to <code>true</code> to enforce the <i>server's</i> cipher order
+ * instead of the default which is to allow the client to choose a
+ * preferred cipher.
+ */
+ public void setSSLHonorCipherOrder(boolean SSLHonorCipherOrder) {
this.SSLHonorCipherOrder = SSLHonorCipherOrder; }
+ public boolean getSSLHonorCipherOrder() { return SSLHonorCipherOrder; }
/**
* Number of keepalive sockets.
@@ -755,6 +763,24 @@ public class AprEndpoint extends Abstrac
// Create SSL Context
sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
+
+ // Set cipher order: client (default) or server
+ if (SSLHonorCipherOrder) {
+ boolean orderCiphersSupported = false;
+ try {
+ orderCiphersSupported =
SSL.hasOp(SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
+ if (orderCiphersSupported)
+ SSLContext.setOptions(sslContext,
SSL.SSL_OP_CIPHER_SERVER_PREFERENCE);
+ } catch (UnsatisfiedLinkError e) {
+ // Ignore
+ }
+ if (!orderCiphersSupported) {
+ // OpenSSL does not support ciphers ordering.
+ log.warn(sm.getString("endpoint.warn.noHonorCipherOrder",
+ SSL.versionString()));
+ }
+ }
+
// List the ciphers that the client is permitted to negotiate
SSLContext.setCipherSuite(sslContext, SSLCipherSuite);
// Load Server key and certificate
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/res/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/res/LocalStrings.properties?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/res/LocalStrings.properties
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/java/org/apache/tomcat/util/net/res/LocalStrings.properties
Mon Feb 4 21:26:36 2013
@@ -40,5 +40,11 @@ endpoint.process.fail=Error allocating s
endpoint.sendfile.error=Unexpected sendfile error
endpoint.sendfile.addfail=Sednfile failure: [{0}] {1}
endpoint.sendfile.nosupport=Disabling sendfile, since either the APR version
or the system doesn't support it
+endpoint.warn.noInsecureReneg=Secure re-negotiation is not supported by the
SSL library {0}
+endpoint.warn.noHonorCipherOrder='Honor cipher order' option is not supported
by the SSL library {0}
endpoint.warn.unlockAcceptorFailed=Acceptor thread [{0}] failed to unlock.
Forcing hard socket shutdown.
+endpoint.warn.noHonorCipherOrder='Honor cipher order' option is not supported
by the SSL library {0}
+endpoint.debug.channelCloseFail=Failed to close channel
+endpoint.debug.socketCloseFail=Failed to close socket
+endpoint.apr.noSslCertFile=Connector attribute SSLCertificateFile must be
defined when using SSL with APR
endpoint.apr.invalidSslProtocol=An invalid value [{0}] was provided for the
SSLProtocol attribute
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/deployment.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/deployment.xml?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/deployment.xml
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/deployment.xml
Mon Feb 4 21:26:36 2013
@@ -124,7 +124,7 @@ API Specification, version 2.3, which yo
<p>Like most servlet containers, Tomcat 6 also supports mechanisms to install
library JAR files (or unpacked classes) once, and make them visible to all
installed web applications (without having to be included inside the web
-application itself. The details of how Tomcat locates and shares such
+application itself). The details of how Tomcat locates and shares such
classes are described in the
<a href="../class-loader-howto.html">Class Loader HOW-TO</a> documentation.
The location commonly used within a Tomcat 6 installation for shared code is
@@ -138,9 +138,6 @@ of pre-installed shared library files, i
<ul>
<li>The <em>Servlet 2.5</em> and <em>JSP 2.1</em> APIs that are fundamental
to writing servlets and JavaServer Pages.<br/><br/></li>
-<li>An <em>XML Parser</em> compliant with the JAXP (version 1.2) APIs, so
- your application can perform DOM-based or SAX-based processing of
- XML documents.<br/><br/></li>
</ul>
</section>
@@ -177,10 +174,11 @@ the order defined by the DTD (see Sectio
<section name="Tomcat Context Descriptor">
<p>A /META-INF/context.xml file can be used to define Tomcat specific
-configuration options, such as loggers, data sources, session manager
+configuration options, such as an access log, data sources, session manager
configuration and more. This XML file must contain one Context element, which
will be considered as if it was the child of the Host element corresponding
-to the Host to which the The Tomcat configuration documentation contains
+to the Host to which the web application is being deployed. The
+<a href="../config/index.html">Tomcat configuration documentation</a> contains
information on the Context element.</p>
</section>
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/introduction.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/introduction.xml?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/introduction.xml
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/appdev/introduction.xml
Mon Feb 4 21:26:36 2013
@@ -62,18 +62,18 @@ the details of your particular environme
information, documentation, and software that is useful in developing
web applications with Tomcat.</p>
<ul>
-<li><a
href="http://java.sun.com/products/jsp/download.html";>http://java.sun.com/products/jsp/download.html</a>
-
- <i>JavaServer Pages (JSP) Specification, Version 2.0</i>. Describes
+<li><a
href="http://jcp.org/aboutJava/communityprocess/final/jsr245/index.html";>http://jcp.org/aboutJava/communityprocess/final/jsr245/</a>
-
+ <i>JavaServer Pages (JSP) Specification, Version 2.1</i>. Describes
the programming environment provided by standard implementations
of the JavaServer Pages (JSP) technology. In conjunction with
the Servlet API Specification (see below), this document describes
what a portable API page is allowed to contain. Specific
- information on scripting (Chapter 6), tag extensions (Chapter 7),
+ information on scripting (Chapter 9), tag extensions (Chapter 7),
and packaging JSP pages (Appendix A) is useful. The Javadoc
API Documentation is included in the specification, and with the
Tomcat download.<br/><br/></li>
-<li><a
href="http://java.sun.com/products/servlet/download.html";>http://java.sun.com/products/servlet/download.html</a>
-
- <i>Servlet API Specification, Version 2.4</i>. Describes the
+<li><a
href="http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index2.html";>http://jcp.org/aboutJava/communityprocess/mrel/jsr154/index2.html</a>
-
+ <i>Servlet API Specification, Version 2.5</i>. Describes the
programming environment that must be provided by all servlet
containers conforming to this specification. In particular, you
will need this document to understand the web application
@@ -83,14 +83,6 @@ web applications with Tomcat.</p>
Web Application Deployment Descriptor (Chapter 13). The Javadoc
API Documentation is included in the specification, and with the
Tomcat download.<br/><br/></li>
-<li><a
href="http://java.sun.com/j2ee/blueprints/";>http://java.sun.com/j2ee/blueprints/</a>
-
- <i>Sun BluePrints (tm) Design Guidelines for J2EE</i>. Comprehensive
- advice and examples on application design for the Java2 Enterprise
- Edition (J2EE) platform, which includes servlets and JSP pages. The
- chapters on servlet and JSP design are useful even when your application
- does not require other J2EE platform components.
- <br/><br/></li>
-<li><b>TODO</b> -- Add more entries here!</li>
</ul>
</section>
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/apr.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/apr.xml?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/apr.xml (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/apr.xml Mon Feb 4
21:26:36 2013
@@ -271,6 +271,11 @@
and private key have to be in this file (NOT RECOMMENDED).
</p>
</attribute>
+ <attribute name="SSLHonorCipherOrder" required="false">
+ <p>Set to <code>true</code> to enforce the server's cipher order
+ (from the <code>SSLCipherSuite</code> setting) instead of allowing
+ the client to choose the cipher (which is the default).</p>
+ </attribute>
<attribute name="SSLPassword" required="false">
<p>
Pass phrase for the encrypted private key. If "SSLPassword" is not
provided, the callback function
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/changelog.xml Mon Feb
4 21:26:36 2013
@@ -46,6 +46,11 @@
<section name="Tomcat 6.0.37 (jfclere)">
<subsection name="Catalina">
<changelog>
+ <fix>
+ <bug>53481</bug>: Added support for SSLHonorCipherOrder to allow
+ the server to impose its cipher order on the client. Based on a patch
+ provided by Marcel Å ebek. (schultz)
+ </fix>
<fix>
In FormAuthenticator: If it is configured to change Session IDs,
do the change before displaying the login form. (kkolinko)
@@ -62,6 +67,12 @@
<bug>54220</bug>: Ensure the ErrorReportValve only generates an error
report if the error flag on the response has been set. (markt)
</fix>
+ <fix>
+ Fix memory leak of servlet instances when running with a
+ SecurityManager and either init() or destroy() methods fail
+ or the servlet is a SingleThreadModel one, and of filter instances
+ if their destroy() method fails with an Error. (kkolinko)
+ </fix>
</changelog>
</subsection>
<subsection name="Web applications">
@@ -85,6 +96,10 @@
configuration if someone wants to move the <code>output</code>
directory
elsewhere (e.g. out of the source tree). (kkolinko)
</update>
+ <fix>
+ <bug>54390</bug>: Use 'java_home' on Mac OS X to auto-detect JAVA_HOME.
+ (schultz)
+ </fix>
</changelog>
</subsection>
</section>
Modified: tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/setup.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/setup.xml?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/setup.xml (original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/setup.xml Mon Feb 4
21:26:36 2013
@@ -35,12 +35,10 @@
<section name="Introduction">
<p>
- This document introduces several ways to set up Tomcat for running
- on different platforms. Please note that some advanced setup issues
- are not covered here: the full distribution (ZIP file or tarball)
- includes a file called
- RUNNING.txt which discusses these issues. We encourage you to refer
- to it if the information below does not answer some of your questions.
+ There are several ways to set up Tomcat for running on different
+ platforms. The main documentation for this is a file called
+ <a href="RUNNING.txt">RUNNING.txt</a>. We encourage you to refer to that
+ file if the information below does not answer some of your questions.
</p>
</section>
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/tribes/tomcat-docs.xsl
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/tribes/tomcat-docs.xsl?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
--- tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/tribes/tomcat-docs.xsl
(original)
+++ tomcat/tc6.0.x/branches/tomcat6-testing/webapps/docs/tribes/tomcat-docs.xsl
Mon Feb 4 21:26:36 2013
@@ -182,7 +182,7 @@
<xsl:comment>PAGE FOOTER</xsl:comment>
<tr><td colspan="2">
<div align="center"><font color="{$body-link}" size="-1"><em>
- Copyright © 1999-2012, Apache Software Foundation
+ Copyright © 1999-2013, Apache Software Foundation
</em></font></div>
</td></tr>
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionDetail.jsp?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
Mon Feb 4 21:26:36 2013
@@ -42,7 +42,7 @@
<meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and
should be treated as 'now' -->
<meta http-equiv="content-language" content="en"/>
<meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2012 the Apache Software
Foundation"/>
+ <meta name="copyright" content="copyright 2005-2013 the Apache Software
Foundation"/>
<meta name="robots" content="noindex,nofollow,noarchive"/>
<title>Sessions Administration: details for <%= currentSessionId %></title>
</head>
Modified:
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionsList.jsp
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionsList.jsp?rev=1442371&r1=1442370&r2=1442371&view=diff
==============================================================================
---
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionsList.jsp
(original)
+++
tomcat/tc6.0.x/branches/tomcat6-testing/webapps/manager/WEB-INF/jsp/sessionsList.jsp
Mon Feb 4 21:26:36 2013
@@ -38,7 +38,7 @@
<meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and
should be treated as 'now' -->
<meta http-equiv="content-language" content="en"/>
<meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2012 the Apache Software
Foundation"/>
+ <meta name="copyright" content="copyright 2005-2013 the Apache Software
Foundation"/>
<meta name="robots" content="noindex,nofollow,noarchive"/>
<title>Sessions Administration for <%= JspHelper.escapeXml(path)
%></title>
</head>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
