svn commit: r1578256 - in /tomcat/trunk: java/org/apache/catalina/ant/ webapps/docs/
Author: kfujino
Date: Mon Mar 17 07:35:08 2014
New Revision: 1578256
URL: http://svn.apache.org/r1578256
Log:
Implement org.apache.catalina.ant.VminfoTask,
org.apache.catalina.ant.ThreaddumpTask and
org.apache.catalina.ant.SslConnectorCiphersTask.
Added:
tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java
(with props)
tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java (with props)
tomcat/trunk/java/org/apache/catalina/ant/VminfoTask.java (with props)
Modified:
tomcat/trunk/java/org/apache/catalina/ant/antlib.xml
tomcat/trunk/java/org/apache/catalina/ant/catalina.tasks
tomcat/trunk/webapps/docs/changelog.xml
Added: tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java?rev=1578256&view=auto
==
--- tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java
(added)
+++ tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java Mon
Mar 17 07:35:08 2014
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.apache.catalina.ant;
+
+
+import org.apache.tools.ant.BuildException;
+
+
+/**
+ * Ant task that implements the /sslConnectorCiphers command
+ * supported by the Tomcat manager application.
+ *
+ */
+public class SslConnectorCiphersTask extends AbstractCatalinaTask {
+
+// Public Methods
+
+/**
+ * Execute the requested operation.
+ *
+ * @exception BuildException if an error occurs
+ */
+@Override
+public void execute() throws BuildException {
+
+super.execute();
+execute("/sslConnectorCiphers");
+
+}
+
+}
Propchange:
tomcat/trunk/java/org/apache/catalina/ant/SslConnectorCiphersTask.java
--
svn:eol-style = native
Added: tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java?rev=1578256&view=auto
==
--- tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java (added)
+++ tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java Mon Mar 17
07:35:08 2014
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.apache.catalina.ant;
+
+
+import org.apache.tools.ant.BuildException;
+
+
+/**
+ * Ant task that implements the /threaddump command
+ * supported by the Tomcat manager application.
+ *
+ */
+public class ThreaddumpTask extends AbstractCatalinaTask {
+
+// Public Methods
+
+/**
+ * Execute the requested operation.
+ *
+ * @exception BuildException if an error occurs
+ */
+@Override
+public void execute() throws BuildException {
+
+super.execute();
+execute("/threaddump");
+
+}
+
+}
Propchange: tomcat/trunk/java/org/apache/catalina/ant/ThreaddumpTask.java
--
svn:eol-style = native
Added: tomcat/trunk/java/org/apache/catalina/ant/VminfoTask.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/VminfoTask.java?rev=1578256&view=auto
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/5605 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1578226 Blamelist: kfujino BUILD FAILED: failed compile_1 sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578260 - in /tomcat/trunk: java/org/apache/catalina/ant/AbstractCatalinaTask.java webapps/docs/changelog.xml
Author: kfujino
Date: Mon Mar 17 07:46:24 2014
New Revision: 1578260
URL: http://svn.apache.org/r1578260
Log:
Add the option to ignore the constraint of the first line of the response
message that must be "OK -".
Default is false.
Modified:
tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java?rev=1578260&r1=1578259&r2=1578260&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/ant/AbstractCatalinaTask.java Mon Mar
17 07:46:24 2014
@@ -111,6 +111,20 @@ public abstract class AbstractCatalinaTa
this.username = username;
}
+/**
+ * If set to true - ignore the constraint of the first line of the response
+ * message that must be "OK -".
+ */
+protected boolean ignoreResponseConstraint = false;
+
+public boolean isIgnoreResponseConstraint() {
+return ignoreResponseConstraint;
+}
+
+public void setIgnoreResponseConstraint(boolean ignoreResponseConstraint) {
+this.ignoreResponseConstraint = ignoreResponseConstraint;
+}
+
// - Public Methods
@@ -241,7 +255,7 @@ public abstract class AbstractCatalinaTa
if (buff.length() > 0) {
String line = buff.toString();
buff.setLength(0);
-if (first) {
+if (!ignoreResponseConstraint && first) {
if (!line.startsWith("OK -")) {
error = line;
msgPriority = Project.MSG_ERR;
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1578260&r1=1578259&r2=1578260&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 17 07:46:24 2014
@@ -220,6 +220,10 @@
org.apache.catalina.ant.ThreaddumpTask and
org.apache.catalina.ant.SslConnectorCiphersTask.
(kfujino)
+
+ Add the option to ignore the constraint of the first line of the
+response message that must be "OK -". Default is false. (kfujino)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578268 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: violetagg Date: Mon Mar 17 08:36:46 2014 New Revision: 1578268 URL: http://svn.apache.org/r1578268 Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578268&r1=1578267&r2=1578268&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 08:36:46 2014 @@ -69,7 +69,7 @@ PATCHES PROPOSED TO BACKPORT: Fix issue with Tomcat running in environments (e.g. OSGI) with alternative Servlet and JSP API implementations that package the XML schemas differently http://people.apache.org/~markt/patches/2014-03-14-osgi-resources-tc6-v2.patch - +1: markt, kkolinko + +1: markt, kkolinko, violetagg -1: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56275] New: Classloader leak in DirContextURLStreamHandler
https://issues.apache.org/bugzilla/show_bug.cgi?id=56275 Bug ID: 56275 Summary: Classloader leak in DirContextURLStreamHandler Product: Tomcat 6 Version: unspecified Hardware: All OS: Mac OS X 10.4 Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: nik...@plumbr.eu I am a developer of the tool named Plumbr, which detects memory leaks in user applications. Quite a few of our clients got reports about WebappClassLoader being retained after application undeploy. Classloader is retained in "clBindings" static field of org.apache.naming.resources.DirContextURLStreamHandler class. This prevents application's class loader from being garbage collected and eventually leads to OutOfMemoryError: PermGen. Unfortunately, I have no steps to reproduce the issue. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/5606 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1578256 Blamelist: kfujino Build succeeded! sincerely, -The Buildbot
svn commit: r1578309 - /tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Author: markt Date: Mon Mar 17 11:27:14 2014 New Revision: 1578309 URL: http://svn.apache.org/r1578309 Log: Review from kkolinko The filename of a tagged war file should be versioned + tag + baseName.war. The "tag" part was lost. Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1578309&r1=1578308&r2=1578309&view=diff == --- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original) +++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Mon Mar 17 11:27:14 2014 @@ -741,7 +741,7 @@ public class ManagerServlet extends Http String displayPath = cn.getDisplayName(); // Find the local WAR file -File localWar = new File(versioned, baseName + ".war"); +File localWar = new File(new File(versioned, tag), baseName + ".war"); File deployedWar = new File(host.getAppBaseFile(), baseName + ".war"); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578310 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/manager/ManagerServlet.java
Author: markt Date: Mon Mar 17 11:28:05 2014 New Revision: 1578310 URL: http://svn.apache.org/r1578310 Log: Review from kkolinko The filename of a tagged war file should be versioned + tag + baseName.war. The "tag" part was lost. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1578309 Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1578310&r1=1578309&r2=1578310&view=diff == --- tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java Mon Mar 17 11:28:05 2014 @@ -739,7 +739,7 @@ public class ManagerServlet extends Http String displayPath = cn.getDisplayName(); // Find the local WAR file -File localWar = new File(versioned, baseName + ".war"); +File localWar = new File(new File(versioned, tag), baseName + ".war"); File deployedWar = new File(host.getAppBase(), baseName + ".war"); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578313 - in /tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager: HTMLManagerServlet.java ManagerServlet.java
Author: markt
Date: Mon Mar 17 11:37:50 2014
New Revision: 1578313
URL: http://svn.apache.org/r1578313
Log:
kkolinko review
Use deployed which is known to be absolute
Also, deprecate use of getAppBase() method as it does not exist in 8.0.x and
use deployed instead (deployed only needs to be absolute not canonical).
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java?rev=1578313&r1=1578312&r2=1578313&view=diff
==
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/HTMLManagerServlet.java
Mon Mar 17 11:37:50 2014
@@ -258,7 +258,7 @@ public final class HTMLManagerServlet ex
// Identify the appBase of the owning Host of this Context
// (if any)
-File file = new File(getAppBase(), filename);
+File file = new File(deployed, filename);
if (file.exists()) {
message = smClient.getString(
"htmlManagerServlet.deployUploadWarExists",
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1578313&r1=1578312&r2=1578313&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Mon Mar 17 11:37:50 2014
@@ -741,7 +741,7 @@ public class ManagerServlet extends Http
// Find the local WAR file
File localWar = new File(new File(versioned, tag), baseName + ".war");
-File deployedWar = new File(host.getAppBase(), baseName + ".war");
+File deployedWar = new File(deployed, baseName + ".war");
// Copy WAR to appBase
try {
@@ -865,9 +865,9 @@ public class ManagerServlet extends Http
if (war != null) {
File localWar;
if (war.endsWith(".war")) {
-localWar = new File(getAppBase(), baseName +
".war");
+localWar = new File(deployed, baseName + ".war");
} else {
-localWar = new File(getAppBase(), baseName);
+localWar = new File(deployed, baseName);
}
if (localWar.exists() && !ExpandWar.delete(localWar)) {
writer.println(smClient.getString(
@@ -1388,8 +1388,8 @@ public class ManagerServlet extends Http
ExceptionUtils.handleThrowable(t);
}
try {
-File war = new File(getAppBase(), baseName + ".war");
-File dir = new File(getAppBase(), baseName);
+File war = new File(deployed, baseName + ".war");
+File dir = new File(deployed, baseName);
File xml = new File(configBase, baseName + ".xml");
if (war.exists() && !war.delete()) {
writer.println(smClient.getString(
@@ -1428,7 +1428,10 @@ public class ManagerServlet extends Http
/**
* Return a File object representing the "application root" directory
* for our associated Host.
+ *
+ * @deprecated Unused
*/
+@Deprecated
protected File getAppBase() {
if (appBase != null) {
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578329 - /tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Author: markt
Date: Mon Mar 17 12:14:37 2014
New Revision: 1578329
URL: http://svn.apache.org/r1578329
Log:
Make upload process more robust. If upload fails and it was going to update an
existing WAR, don't remove the existing WAR.
Modified:
tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1578329&r1=1578328&r2=1578329&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Mon Mar
17 12:14:37 2014
@@ -661,7 +661,18 @@ public class ManagerServlet extends Http
// Determine full path for uploaded WAR
File uploadedWar;
if (tag == null) {
-uploadedWar = deployedWar;
+if (update) {
+// Append ".tmp" to the file name so it won't get deployed if
auto
+// deployment is enabled. It also means the old war won't get
+// deleted if the upload fails
+uploadedWar = new File(deployedWar.getAbsolutePath() + ".tmp");
+if (uploadedWar.exists() && !uploadedWar.delete()) {
+
writer.println(smClient.getString("managerServlet.deleteFail",
+uploadedWar));
+}
+} else {
+uploadedWar = deployedWar;
+}
} else {
File uploadPath = new File(versioned, tag);
if (!uploadPath.mkdirs() && !uploadPath.isDirectory()) {
@@ -679,15 +690,17 @@ public class ManagerServlet extends Http
if (!isServiced(name)) {
addServiced(name);
try {
-if (update && tag == null && deployedWar.isFile()) {
-if (!deployedWar.delete()) {
+// Upload WAR
+uploadWar(writer, request, uploadedWar, smClient);
+if (update && tag == null) {
+if (deployedWar.exists() && !deployedWar.delete()) {
writer.println(smClient.getString("managerServlet.deleteFail",
deployedWar));
return;
}
+// Rename uploaded WAR file
+uploadedWar.renameTo(deployedWar);
}
-// Upload WAR
-uploadWar(writer, request, uploadedWar, smClient);
if (tag != null) {
// Copy WAR to the host's appBase
copy(uploadedWar, deployedWar);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56248] Automatic deployment with TCD deletes customized context.xml file
https://issues.apache.org/bugzilla/show_bug.cgi?id=56248 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #4 from Mark Thomas --- I've fixed all of these issues for 8.0.x (8.0.4 onwards) and 7.0.x (7.0.53 onwards) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Time for 8.0.4
Hi, It has been a while since 8.0.3 and the change log is looking rather long. I've a few things left I want to look at but I expect to be in a position to tag 8.0.4 late today / early tomorrow. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578337 - in /tomcat/trunk: java/org/apache/coyote/http11/filters/ChunkedInputFilter.java test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java webapps/docs/changelog.xml
Author: markt
Date: Mon Mar 17 12:31:50 2014
New Revision: 1578337
URL: http://svn.apache.org/r1578337
Log:
Improve processing of chuck size from chunked headers. Avoid overflow and use a
bit shift instead of a multiplication as it is marginally faster.
Modified:
tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
tomcat/trunk/webapps/docs/changelog.xml
Modified:
tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?rev=1578337&r1=1578336&r2=1578337&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
Mon Mar 17 12:31:50 2014
@@ -319,7 +319,7 @@ public class ChunkedInputFilter implemen
int result = 0;
boolean eol = false;
-boolean readDigit = false;
+int readDigit = 0;
boolean extension = false;
while (!eol) {
@@ -341,10 +341,9 @@ public class ChunkedInputFilter implemen
} else if (!extension) {
//don't read data after the trailer
int charValue = HexUtils.getDec(buf[pos]);
-if (charValue != -1) {
-readDigit = true;
-result *= 16;
-result += charValue;
+if (charValue != -1 && readDigit < 8) {
+readDigit++;
+result = (result << 4) | charValue;
} else {
//we shouldn't allow invalid, non hex characters
//in the chunked header
@@ -367,7 +366,7 @@ public class ChunkedInputFilter implemen
}
-if (!readDigit)
+if (readDigit == 0 || result < 0)
return false;
if (result == 0)
Modified:
tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java?rev=1578337&r1=1578336&r2=1578337&view=diff
==
---
tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
(original)
+++
tomcat/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
Mon Mar 17 12:31:50 2014
@@ -105,7 +105,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-EchoHeaderServlet servlet = new EchoHeaderServlet();
+EchoHeaderServlet servlet = new EchoHeaderServlet(expectPass);
Tomcat.addServlet(ctx, "servlet", servlet);
ctx.addServletMapping("/", "servlet");
@@ -169,7 +169,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(false));
ctx.addServletMapping("/", "servlet");
// Limit the size of the trailing header
@@ -233,7 +233,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(ok));
ctx.addServletMapping("/", "servlet");
tomcat.start();
@@ -282,7 +282,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(true));
ctx.addServletMapping("/", "servlet");
tomcat.start();
@@ -311,11 +311,136 @@ public class TestChunkedInputFilter exte
assertEquals("nullnull7nullnull", client.getResponseBody());
}
+@Test
+public void testChunkSizeZero() throws Exception {
+doTestChunkSize(true, true, "", 10, 0);
+}
+
+@Test
+public void testChunkSizeAbsent() throws Exception {
+doTestChunkSize(false, false, SimpleHttpClient.CRLF, 10, 0);
+}
+
+@Test
+public void testChunkSizeTwentyFive() throws Exception {
+doTestChunkSize(true, true, "19" + SimpleHttpClient.CRLF
++ "Hello World!Hello World!!" + SimpleHttpClient.CRLF, 40, 25);
+}
+
+@Test
+public void testChunkSizeEightDigit() throws Exception {
+doTestChunkSize(true, true, "000C" + SimpleHttpClient.CRLF
++ "Hello World!
svn commit: r1578339 - /tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Author: markt
Date: Mon Mar 17 12:33:14 2014
New Revision: 1578339
URL: http://svn.apache.org/r1578339
Log:
Make upload process more robust. If upload fails and it was going to update an
existing WAR, don't remove the existing WAR.
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1578339&r1=1578338&r2=1578339&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/manager/ManagerServlet.java
Mon Mar 17 12:33:14 2014
@@ -659,7 +659,18 @@ public class ManagerServlet extends Http
// Determine full path for uploaded WAR
File uploadedWar;
if (tag == null) {
-uploadedWar = deployedWar;
+if (update) {
+// Append ".tmp" to the file name so it won't get deployed if
auto
+// deployment is enabled. It also means the old war won't get
+// deleted if the upload fails
+uploadedWar = new File(deployedWar.getAbsolutePath() + ".tmp");
+if (uploadedWar.exists() && !uploadedWar.delete()) {
+
writer.println(smClient.getString("managerServlet.deleteFail",
+uploadedWar));
+}
+} else {
+uploadedWar = deployedWar;
+}
} else {
File uploadPath = new File(versioned, tag);
if (!uploadPath.mkdirs() && !uploadPath.isDirectory()) {
@@ -677,15 +688,17 @@ public class ManagerServlet extends Http
if (!isServiced(name)) {
addServiced(name);
try {
-if (update && tag == null && deployedWar.isFile()) {
-if (!deployedWar.delete()) {
+// Upload WAR
+uploadWar(writer, request, uploadedWar, smClient);
+if (update && tag == null) {
+if (deployedWar.exists() && !deployedWar.delete()) {
writer.println(smClient.getString("managerServlet.deleteFail",
deployedWar));
return;
}
+// Rename uploaded WAR file
+uploadedWar.renameTo(deployedWar);
}
-// Upload WAR
-uploadWar(writer, request, uploadedWar, smClient);
if (tag != null) {
// Copy WAR to the host's appBase
copy(uploadedWar, deployedWar);
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578341 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/coyote/http11/filters/ChunkedInputFilter.java test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java webapps/docs/changel
Author: markt
Date: Mon Mar 17 12:34:59 2014
New Revision: 1578341
URL: http://svn.apache.org/r1578341
Log:
Improve processing of chuck size from chunked headers. Avoid overflow and use a
bit shift instead of a multiplication as it is marginally faster.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc7.0.x/trunk/
--
Merged /tomcat/trunk:r1578329,1578337
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java?rev=1578341&r1=1578340&r2=1578341&view=diff
==
---
tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
Mon Mar 17 12:34:59 2014
@@ -320,7 +320,7 @@ public class ChunkedInputFilter implemen
int result = 0;
boolean eol = false;
-boolean readDigit = false;
+int readDigit = 0;
boolean extension = false;
while (!eol) {
@@ -342,10 +342,9 @@ public class ChunkedInputFilter implemen
} else if (!extension) {
//don't read data after the trailer
int charValue = HexUtils.getDec(buf[pos]);
-if (charValue != -1) {
-readDigit = true;
-result *= 16;
-result += charValue;
+if (charValue != -1 && readDigit < 8) {
+readDigit++;
+result = (result << 4) | charValue;
} else {
//we shouldn't allow invalid, non hex characters
//in the chunked header
@@ -368,7 +367,7 @@ public class ChunkedInputFilter implemen
}
-if (!readDigit)
+if (readDigit == 0 || result < 0)
return false;
if (result == 0)
Modified:
tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java?rev=1578341&r1=1578340&r2=1578341&view=diff
==
---
tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
(original)
+++
tomcat/tc7.0.x/trunk/test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java
Mon Mar 17 12:34:59 2014
@@ -105,7 +105,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-EchoHeaderServlet servlet = new EchoHeaderServlet();
+EchoHeaderServlet servlet = new EchoHeaderServlet(expectPass);
Tomcat.addServlet(ctx, "servlet", servlet);
ctx.addServletMapping("/", "servlet");
@@ -169,7 +169,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(false));
ctx.addServletMapping("/", "servlet");
// Limit the size of the trailing header
@@ -233,7 +233,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(ok));
ctx.addServletMapping("/", "servlet");
tomcat.start();
@@ -282,7 +282,7 @@ public class TestChunkedInputFilter exte
Context ctx =
tomcat.addContext("", System.getProperty("java.io.tmpdir"));
-Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet());
+Tomcat.addServlet(ctx, "servlet", new EchoHeaderServlet(true));
ctx.addServletMapping("/", "servlet");
tomcat.start();
@@ -311,11 +311,136 @@ public class TestChunkedInputFilter exte
assertEquals("nullnull7nullnull", client.getResponseBody());
}
+@Test
+public void testChunkSizeZero() throws Exception {
+doTestChunkSize(true, true, "", 10, 0);
+}
+
+@Test
+public void testChunkSizeAbsent() throws Exception {
+doTestChunkSize(false, false, SimpleHttpClient.CRLF, 10, 0);
+}
+
+@Test
+public void testChunkSizeTwentyFive() throws Exception {
+doTestChunkSize(true, true, "19" +
Re: [Tomcat Wiki] Update of "FAQ/Linux_Unix" by KonstantinKolinko
Le 03/03/2014 13:40, Brian Burch a écrit : > If you need some help (perhaps QA testing), please let me know. Thank you for offering your help Brian. Tomcat 7.0.52 is now available for Debian Wheezy through the backports [1]. Tomcat 8 has been submitted and is awaiting to be reviewed. If it goes well it may be available in the backports in one month. Emmanuel Bourg [1] https://packages.debian.org/source/wheezy-backports/tomcat7 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578366 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Mon Mar 17 13:39:48 2014 New Revision: 1578366 URL: http://svn.apache.org/r1578366 Log: Proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578366&r1=1578365&r2=1578366&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 13:39:48 2014 @@ -72,6 +72,12 @@ PATCHES PROPOSED TO BACKPORT: +1: markt, kkolinko, violetagg -1: +* Improve processing of chuck size from chunked headers. Avoid overflow and use + a bit shift instead of a multiplication as it is marginally faster. + http://people.apache.org/~markt/patches/2014-03-17-chunked-headers-tc6-v1.patch + +1: markt + -1: + PATCHES/ISSUES THAT ARE STALLED: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578369 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt java/org/apache/tomcat/util/descriptor/DigesterFactory.java java/org/apache/tomcat/util/descriptor/LocalStrings.properties webapps/docs/c
Author: markt
Date: Mon Mar 17 13:43:20 2014
New Revision: 1578369
URL: http://svn.apache.org/r1578369
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56236
Fix issue with Tomcat running in environments (e.g. OSGI) with alternative
Servlet and JSP API implementations that package the XML schemas differently
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/DigesterFactory.java
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/LocalStrings.properties
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
--
Merged /tomcat/trunk:r1577315,1577324,1577463
Merged /tomcat/tc7.0.x/trunk:r1577328,1577464-1577465
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578369&r1=1578368&r2=1578369&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 13:43:20 2014
@@ -65,13 +65,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, markt
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56236
- Fix issue with Tomcat running in environments (e.g. OSGI) with alternative
- Servlet and JSP API implementations that package the XML schemas differently
-
http://people.apache.org/~markt/patches/2014-03-14-osgi-resources-tc6-v2.patch
- +1: markt, kkolinko, violetagg
- -1:
-
* Improve processing of chuck size from chunked headers. Avoid overflow and use
a bit shift instead of a multiplication as it is marginally faster.
http://people.apache.org/~markt/patches/2014-03-17-chunked-headers-tc6-v1.patch
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/DigesterFactory.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/DigesterFactory.java?rev=1578369&r1=1578368&r2=1578369&view=diff
==
---
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/DigesterFactory.java
(original)
+++
tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/descriptor/DigesterFactory.java
Mon Mar 17 13:43:20 2014
@@ -23,8 +23,11 @@ import java.util.Map;
import javax.servlet.ServletContext;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.digester.Digester;
import org.apache.tomcat.util.digester.RuleSet;
+import org.apache.tomcat.util.res.StringManager;
import org.xml.sax.ext.EntityResolver2;
/**
@@ -33,6 +36,25 @@ import org.xml.sax.ext.EntityResolver2;
*/
public class DigesterFactory {
+private static final Log log = LogFactory.getLog(DigesterFactory.class);
+private static final StringManager sm =
+StringManager.getManager(Constants.PACKAGE_NAME);
+
+private static final Class CLASS_SERVLET_CONTEXT;
+private static final Class CLASS_JSP_CONTEXT;
+
+static {
+CLASS_SERVLET_CONTEXT = ServletContext.class;
+Class jspContext = null;
+try {
+jspContext = Class.forName("javax.servlet.jsp.JspContext");
+} catch (ClassNotFoundException e) {
+// Ignore - JSP API is not present.
+}
+CLASS_JSP_CONTEXT = jspContext;
+}
+
+
/**
* Mapping of well-known public IDs used by the Servlet API to the matching
* local resource.
@@ -50,31 +72,31 @@ public class DigesterFactory {
Map systemIds = new HashMap();
// W3C
-publicIds.put(XmlIdentifiers.XSD_10_PUBLIC, idFor("XMLSchema.dtd"));
-publicIds.put(XmlIdentifiers.DATATYPES_PUBLIC, idFor("datatypes.dtd"));
-systemIds.put(XmlIdentifiers.XML_2001_XSD, idFor("xml.xsd"));
+add(publicIds, XmlIdentifiers.XSD_10_PUBLIC,
locationFor("XMLSchema.dtd"));
+add(publicIds, XmlIdentifiers.DATATYPES_PUBLIC,
locationFor("datatypes.dtd"));
+add(systemIds, XmlIdentifiers.XML_2001_XSD, locationFor("xml.xsd"));
// from J2EE 1.2
-publicIds.put(XmlIdentifiers.WEB_22_PUBLIC, idFor("web-app_2_2.dtd"));
-publicIds.put(XmlIdentifiers.TLD_11_PUBLIC,
idFor("web-jsptaglibrary_1_1.dtd"));
+add(publicIds, XmlIdentifiers.WEB_22_PUBLIC,
locationFor("web-app_2_2.dtd"));
+add(publicIds, XmlIdentifiers.TLD_11_PUBLIC,
locationFor("web-jsptaglibrary_1_1.dtd"));
// from J2EE 1.3
-publicIds.put(XmlIdentifiers.WEB_23_PUBLIC, idFor("web-app_2_3.dtd"));
-publicIds.put(XmlIdentifiers.TLD_12_PUBLIC,
idFor("web-jsptaglibrary_1_2.dtd"));
+add(publicIds, XmlIdentifiers.WEB_23_PUBLIC,
locationFor("web-app_2_3.dtd"));
+add(publicIds, XmlIdentifiers.TLD_12_PUBLIC,
locationFor("web-jsptaglibrary_1_2.dtd"));
/
svn commit: r1578392 - in /tomcat/trunk: java/org/apache/coyote/ajp/AbstractAjpProcessor.java test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java webapps/docs/changelog.xml
Author: markt
Date: Mon Mar 17 14:17:19 2014
New Revision: 1578392
URL: http://svn.apache.org/r1578392
Log:
Correct regression introduced in 8.0.0-RC2 as part of the Servlet 3.1
non-blocking IO support that broke handling of requests with an explicit
content length of zero.
Modified:
tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
tomcat/trunk/test/org/apache/coyote/ajp/TestAbstractAjpProcessor.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java?rev=1578392&r1=1578391&r2=1578392&view=diff
==
--- tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AbstractAjpProcessor.java Mon Mar
17 14:17:19 2014
@@ -242,13 +242,6 @@ public abstract class AbstractAjpProcess
/**
- * Is a body present for the current request? This is determined by the
- * presence of the content-length header with a non-zero value.
- */
-private boolean bodyPresent = false;
-
-
-/**
* Indicates that a 'get body chunk' message has been sent but the body
* chunk has not yet been received.
*/
@@ -902,7 +895,6 @@ public abstract class AbstractAjpProcess
// Recycle Request object
first = true;
endOfStream = false;
-bodyPresent = false;
waitingForBodyMessage = false;
empty = true;
replay = false;
@@ -975,12 +967,10 @@ public abstract class AbstractAjpProcess
}
waitingForBodyMessage = false;
-first = false;
// No data received.
if (bodyMessage.getLen() == 0) {
// just the header
-// Don't mark 'end of stream' for the first chunk.
return false;
}
int blen = bodyMessage.peekInt();
@@ -1061,9 +1051,8 @@ public abstract class AbstractAjpProcess
* @return true if there is more data, false if not.
*/
protected boolean refillReadBuffer(boolean block) throws IOException {
-// If the server returns an empty packet, assume that that end of
-// the stream has been reached (yuck -- fix protocol??).
-// FORM support
+// When using replay (e.g. after FORM auth) all the data to read has
+// been buffered so there is no opportunity to refill the buffer.
if (replay) {
endOfStream = true; // we've read everything there is
}
@@ -1071,14 +1060,30 @@ public abstract class AbstractAjpProcess
return false;
}
+if (first) {
+first = false;
+long contentLength = request.getContentLengthLong();
+// - When content length > 0, AJP sends the first body message
+// automatically.
+// - When content length == 0, AJP does not send a body message.
+// - When content length is unknown, AJP does not send the first
+// body message automatically.
+if (contentLength > 0) {
+waitingForBodyMessage = true;
+} else if (contentLength == 0) {
+endOfStream = true;
+return false;
+}
+}
+
// Request more data immediately
-if (!first && !waitingForBodyMessage) {
+if (!waitingForBodyMessage) {
output(getBodyMessageArray, 0, getBodyMessageArray.length, true);
waitingForBodyMessage = true;
}
boolean moreData = receive(block);
-if (!moreData && ((first && !bodyPresent) || (!first &&
!waitingForBodyMessage))) {
+if (!moreData && !waitingForBodyMessage) {
endOfStream = true;
}
return moreData;
@@ -1160,9 +1165,6 @@ public abstract class AbstractAjpProcess
// Set the content-length header for the request
request.setContentLength(cl);
}
-if (cl != 0) {
-bodyPresent = true;
-}
} else if (hId == Constants.SC_REQ_CONTENT_TYPE ||
(hId == -1 && tmpMB.equalsIgnoreCase("Content-Type"))) {
// just read the content-type header, so set it
@@ -1519,8 +1521,8 @@ public abstract class AbstractAjpProcess
finished = true;
// Swallow the unread body packet if present
-if (first && request.getContentLengthLong() > 0 ||
waitingForBodyMessage) {
-receive(true);
+if (waitingForBodyMessage || first && request.getContentLengthLong() >
0) {
+refillReadBuffer(true);
}
// Add the end message
@@ -1539,7 +1541,7 @@ public abstract class AbstractAjpProcess
if (empty) {
try {
refillReadBuff
Re: Time for 8.0.4
2014-03-17 16:19 GMT+04:00 Mark Thomas :
> Hi,
>
> It has been a while since 8.0.3 and the change log is looking rather
> long. I've a few things left I want to look at but I expect to be in a
> position to tag 8.0.4 late today / early tomorrow.
>
There is
https://issues.apache.org/bugzilla/show_bug.cgi?id=56265
"Unexpected escaping in the values of dynamic tag attributes
containing EL expressions"
Regarding my v1 patch attached there, I think there is more to it.
That is: in the method changed by that patch, I think the 'false'
branch of "if (el.containsEL()) {" needs to have the same xmlEscaping
processing as the 'true' branch does for
"if (n instanceof Node.UninterpretedTag && n.getRoot().isXmlSyntax()) " nodes.
As of now attributes of uninterpreted XML tags that are plain text
without EL expressions are either escaped elsewhere (I have not found
where, but that would split the escaping logic between two places in
the code), or not at all.
Looking at Generator.java L1806
( Generator$GenerateVisitor.visit(Node.UninterpretedTag n) ),
it does escape double quotes there, but nothing else.
I'll work on test cases.
Best regards,
Konstantin Kolinko
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56277] New: Tomcat is down or refused connection. No response has been sent to the client (yet)
https://issues.apache.org/bugzilla/show_bug.cgi?id=56277 Bug ID: 56277 Summary: Tomcat is down or refused connection. No response has been sent to the client (yet) Product: Tomcat Connectors Version: 1.2.32 Hardware: HP OS: Linux Status: NEW Severity: normal Priority: P2 Component: mod_jk Assignee: dev@tomcat.apache.org Reporter: albice.wi...@free.fr Hello, A POST request type finish failure after only 13 seconds with message in log mod_jk: "Tomcat is down or refused connection. No response has been sent to the client (yet)" Following main principal configured timeout: Apache: Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 5 Mod_Jk: worker.bdi-dlj2eereca2012.connection_pool_timeout=0 worker.bdi-dlj2eereca2012.reply_timeout=0 worker.bdi-dlj2eereca2012.connect_timeout=5000 worker.bdi-dlj2eereca2012.prepost_timeout=5000 worker.bdi-dlj2eereca2012.socket_timeout=10 Tomcat: Here are the traces apache(2.2.22), mod_jk(1.2.32), tomcat(7.0.32) Do we know wich can cause this error ? Thanks by advance for your help. Willy Albice Apache: 10.12.23.72 - 13 - [17/Mar/2014:14:34:46 +0100] "POST /designer-web/axwaymessage/amf HTTP/1.1" 200 413 Mod_Jk [Mon Mar 17 14:34:56 2014] [16822:140175812310784] [error] ajp_get_reply::jk_ajp_common.c (2118): (bdi-dlj2eereca2012) Tomcat is down or refused connection. No response has been sent to the client (yet) [Mon Mar 17 14:34:59 2014] bdi-dlj2eereca2012 - POST /designer-web/axwaymessage/amf HTTP/1.1 200 13.288782 Tomcat localhost_access_log: 10.12.23.72 - - 2.686 [17/Mar/2014:14:34:59 +0100] "POST /designer-web/axwaymessage/amf HTTP/1.1" 200 413 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56277] Tomcat is down or refused connection. No response has been sent to the client (yet)
https://issues.apache.org/bugzilla/show_bug.cgi?id=56277 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #1 from Mark Thomas --- Bugzilla is not a support forum. Please use the Apache Tomcat users mailing list. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Time for 8.0.4
On 17/03/2014 14:42, Konstantin Kolinko wrote:
> 2014-03-17 16:19 GMT+04:00 Mark Thomas :
>> Hi,
>>
>> It has been a while since 8.0.3 and the change log is looking rather
>> long. I've a few things left I want to look at but I expect to be in a
>> position to tag 8.0.4 late today / early tomorrow.
>>
>
> There is
> https://issues.apache.org/bugzilla/show_bug.cgi?id=56265
> "Unexpected escaping in the values of dynamic tag attributes
> containing EL expressions"
>
> Regarding my v1 patch attached there, I think there is more to it.
> That is: in the method changed by that patch, I think the 'false'
> branch of "if (el.containsEL()) {" needs to have the same xmlEscaping
> processing as the 'true' branch does for
> "if (n instanceof Node.UninterpretedTag && n.getRoot().isXmlSyntax()) " nodes.
>
> As of now attributes of uninterpreted XML tags that are plain text
> without EL expressions are either escaped elsewhere (I have not found
> where, but that would split the escaping logic between two places in
> the code), or not at all.
>
> Looking at Generator.java L1806
> ( Generator$GenerateVisitor.visit(Node.UninterpretedTag n) ),
> it does escape double quotes there, but nothing else.
>
>
> I'll work on test cases.
I'll add this to my things to look at before I tag 8.0.4.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/5608 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1578337 Blamelist: markt BUILD FAILED: failed compile_1 sincerely, -The Buildbot
buildbot success in ASF Buildbot on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-trunk/builds/5609 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/trunk] 1578392 Blamelist: markt Build succeeded! sincerely, -The Buildbot
svn commit: r1578532 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Mon Mar 17 19:41:36 2014 New Revision: 1578532 URL: http://svn.apache.org/r1578532 Log: Whitespace police Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1578532&r1=1578531&r2=1578532&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 17 19:41:36 2014 @@ -157,7 +157,7 @@ Correct regression introduced in 8.0.0-RC2 as part of the Servlet 3.1 non-blocking IO support that broke handling of requests with an explicit -content length of zero. (markt/kkolinko) +content length of zero. (markt/kkolinko) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578533 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: kkolinko Date: Mon Mar 17 19:45:57 2014 New Revision: 1578533 URL: http://svn.apache.org/r1578533 Log: vote Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578533&r1=1578532&r2=1578533&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 19:45:57 2014 @@ -68,8 +68,11 @@ PATCHES PROPOSED TO BACKPORT: * Improve processing of chuck size from chunked headers. Avoid overflow and use a bit shift instead of a multiplication as it is marginally faster. http://people.apache.org/~markt/patches/2014-03-17-chunked-headers-tc6-v1.patch - +1: markt + +1: markt, kkolinko -1: + kkolinko: Technical notes: +1. r1578329 does not belong to svn:mergeinfo, that is an unrelated commit +2. changelog.xml part of the patch does not merge, because of later changes PATCHES/ISSUES THAT ARE STALLED: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578537 - /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Author: kkolinko Date: Mon Mar 17 19:59:48 2014 New Revision: 1578537 URL: http://svn.apache.org/r1578537 Log: Add bug number for r1578369 Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1578537&r1=1578536&r2=1578537&view=diff == --- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Mon Mar 17 19:59:48 2014 @@ -47,10 +47,10 @@ -Enable Tomcat to work with alternative Servlet and JSP API JARs that -package the XML schemas in such as way as to require a dependency on the -JSP API before enabling validation for web.xml. Tomcat has no such -dependency. (markt) +56236: Enable Tomcat to work with alternative Servlet and +JSP API JARs that package the XML schemas in such as way as to require +a dependency on the JSP API before enabling validation for web.xml. +Tomcat has no such dependency. (markt) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 56236] tomcat cannot startup since version 6.0.39,7.0.52,8.0 on some machines.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56236 --- Comment #5 from Konstantin Kolinko --- (In reply to Konstantin Kolinko from comment #4) > The behaviour was changed in 8.0.4, 7.0.53 (and proposed for 6.0.x) to log a > warning instead of failing fatally with an NullPointerException. > Applied to Tomcat 6 as well in r1578369, will be in 6.0.40. > Note though that in my opinion any configuration that uses wrong > servlet-api JAR at runtime is a broken one. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578610 - in /tomcat/trunk: conf/ java/org/apache/catalina/ java/org/apache/catalina/core/ java/org/apache/catalina/servlets/ java/org/apache/catalina/startup/ test/org/apache/catalina/co
Author: markt
Date: Mon Mar 17 21:43:58 2014
New Revision: 1578610
URL: http://svn.apache.org/r1578610
Log:
Redefine globalXsltFile as relative to CATALINA_BASE/conf or CATALINA_HOME/conf
Modified:
tomcat/trunk/conf/web.xml
tomcat/trunk/java/org/apache/catalina/Container.java
tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java
tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/trunk/java/org/apache/catalina/startup/FailedContext.java
tomcat/trunk/test/org/apache/catalina/core/TesterContext.java
tomcat/trunk/webapps/docs/default-servlet.xml
Modified: tomcat/trunk/conf/web.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/conf/web.xml?rev=1578610&r1=1578609&r2=1578610&view=diff
==
--- tomcat/trunk/conf/web.xml (original)
+++ tomcat/trunk/conf/web.xml Mon Mar 17 21:43:58 2014
@@ -88,10 +88,10 @@
-
-
-
-
+
+
+
+
default
Modified: tomcat/trunk/java/org/apache/catalina/Container.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Container.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/Container.java (original)
+++ tomcat/trunk/java/org/apache/catalina/Container.java Mon Mar 17 21:43:58
2014
@@ -414,7 +414,13 @@ public interface Container extends Lifec
/**
- *
+ * Obtain the location of CATALINA_BASE.
*/
public File getCatalinaBase();
+
+
+/**
+ * Obtain the location of CATALINA_HOME.
+ */
+public File getCatalinaHome();
}
Modified: tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/ContainerBase.java Mon Mar 17
21:43:58 2014
@@ -1155,6 +1155,17 @@ public abstract class ContainerBase exte
}
+@Override
+public File getCatalinaHome() {
+
+if (parent == null) {
+return null;
+}
+
+return parent.getCatalinaHome();
+}
+
+
// -- Protected Methods
/**
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardEngine.java Mon Mar 17
21:43:58 2014
@@ -374,6 +374,22 @@ public class StandardEngine extends Cont
}
+@Override
+public File getCatalinaHome() {
+if (service != null) {
+Server s = service.getServer();
+if (s != null) {
+File base = s.getCatalinaHome();
+if (base != null) {
+return base;
+}
+}
+}
+// Fall-back
+return super.getCatalinaHome();
+}
+
+
// JMX registration
@Override
Modified: tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1578610&r1=1578609&r2=1578610&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Mon Mar
17 21:43:58 2014
@@ -34,6 +34,7 @@ import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
+import java.util.Locale;
import java.util.StringTokenizer;
import javax.servlet.RequestDispatcher;
@@ -53,6 +54,7 @@ import javax.xml.transform.TransformerFa
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
+import org.apache.catalina.Context;
import org.apache.catalina.Globals;
import org.apache.catalina.WebResource;
import org.apache.catalina.WebResourceRoot;
@@ -1526,20 +1528,14 @@ public class DefaultServlet extends Http
/* Open and read in file in one fell swoop to reduce chance
* chance of leaving handle open.
*/
-if (globalXsltFile!=null) {
-FileInputStream fis = null;
-
-try {
-File f = new File(globalXsltFile
svn commit: r1578611 - in /tomcat/trunk: conf/web.xml java/org/apache/catalina/servlets/DefaultServlet.java java/org/apache/catalina/servlets/LocalStrings.properties webapps/docs/default-servlet.xml
Author: markt
Date: Mon Mar 17 21:44:48 2014
New Revision: 1578611
URL: http://svn.apache.org/r1578611
Log:
Prevent user supplied XSLTs from defining external entities
Modified:
tomcat/trunk/conf/web.xml
tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
tomcat/trunk/webapps/docs/default-servlet.xml
Modified: tomcat/trunk/conf/web.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/conf/web.xml?rev=1578611&r1=1578610&r2=1578611&view=diff
==
--- tomcat/trunk/conf/web.xml (original)
+++ tomcat/trunk/conf/web.xml Mon Mar 17 21:44:48 2014
@@ -88,10 +88,12 @@
-
-
-
-
+
+
+
+
+
+
default
Modified: tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1578611&r1=1578610&r2=1578611&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Mon Mar
17 21:44:48 2014
@@ -47,10 +47,14 @@ import javax.servlet.UnavailableExceptio
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
@@ -64,6 +68,10 @@ import org.apache.catalina.util.RequestU
import org.apache.catalina.util.ServerInfo;
import org.apache.catalina.util.URLEncoder;
import org.apache.tomcat.util.res.StringManager;
+import org.w3c.dom.Document;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.ext.EntityResolver2;
/**
@@ -122,6 +130,11 @@ public class DefaultServlet extends Http
*/
protected static final URLEncoder urlEncoder;
+private static final DocumentBuilderFactory factory;
+
+private static final SecureEntityResolver secureEntityResolver =
+new SecureEntityResolver();
+
/**
* Full range marker.
*/
@@ -152,6 +165,10 @@ public class DefaultServlet extends Http
urlEncoder.addSafeCharacter('.');
urlEncoder.addSafeCharacter('*');
urlEncoder.addSafeCharacter('/');
+
+factory = DocumentBuilderFactory.newInstance();
+factory.setNamespaceAware(true);
+factory.setValidating(false);
}
@@ -1192,13 +1209,12 @@ public class DefaultServlet extends Http
protected InputStream render(String contextPath, WebResource resource)
throws IOException, ServletException {
-InputStream xsltInputStream =
-findXsltInputStream(resource);
+Source xsltSource = findXsltSource(resource);
-if (xsltInputStream==null) {
+if (xsltSource == null) {
return renderHtml(contextPath, resource);
}
-return renderXml(contextPath, resource, xsltInputStream);
+return renderXml(contextPath, resource, xsltSource);
}
@@ -1211,7 +1227,7 @@ public class DefaultServlet extends Http
*/
protected InputStream renderXml(String contextPath,
WebResource resource,
-InputStream xsltInputStream)
+Source xsltSource)
throws IOException, ServletException {
StringBuilder sb = new StringBuilder();
@@ -1292,8 +1308,7 @@ public class DefaultServlet extends Http
try {
TransformerFactory tFactory = TransformerFactory.newInstance();
Source xmlSource = new StreamSource(new
StringReader(sb.toString()));
-Source xslSource = new StreamSource(xsltInputStream);
-Transformer transformer = tFactory.newTransformer(xslSource);
+Transformer transformer = tFactory.newTransformer(xsltSource);
ByteArrayOutputStream stream = new ByteArrayOutputStream();
OutputStreamWriter osWriter = new OutputStreamWriter(stream,
"UTF8");
@@ -1496,9 +1511,9 @@ public class DefaultServlet extends Http
/**
- * Return the xsl template inputstream (if possible)
+ * Return a Source for the xsl template (if possible)
*/
-protected InputStream findXsltInputStream(WebResource directory)
+protected Source findXsltSource(WebResource directory)
throws IOException {
[Bug 55198] Quote entity in html element attribute evaluated in tagx if attribute contains EL expression
https://issues.apache.org/bugzilla/show_bug.cgi?id=55198
--- Comment #8 from Konstantin Kolinko ---
For reference:
(In reply to Evan Greensmith from comment #0)
>
> If your tagx file contains an html element such as
> foobar
> It renders as
> foobar
>
Technically, the textual value of the attribute of an xml tag, as returned by
XML parser here is [window.alert("Hello World!")].
The legacy behaviour - in 7.0.42 here is that when printing the tag attributes
the double quotes are replaced (") -> ("). In the tag next no
replacements are performed.
This behaviour is applied to the double quotes only, but not to other special
symbols.
Using the OP's test.war if I replace the first (non-EL) tag in clickme.tag and
clickme.tagx with the following:
Click me to display "<&>'Hello
World!"
Tomcat 7.0.42 renders it as following:
- for clickme.tag:
Click me to display "<&>'Hello
World!"
- for clickme.tagx:
Click me
to display "<&>'Hello World!"
Note that tag file renders as the source is, tagx file renders the texts as
returned by XML parser, only replacing "->" in tag attribute, but nowhere
else.
I am not saying that this is correct. I am just documenting the legacy
behaviour.
In the code, the place responsible for s/"/"/ replacement is
Generator$GenerateVisitor.visit(Node.UninterpretedTag n),
out.print(DOUBLE_QUOTE);
out.print(attrs.getValue(i).replace("\"", """));
out.print(DOUBLE_QUOTE);
If attribute value does not contain double quote chars (e.g. xml-escaping has
already been applied to it during previous processing), it will be printed as
is.
For reference,
regressions related to an attempt to fix this issue thus far are:
https://issues.apache.org/bugzilla/show_bug.cgi?id=56265
https://issues.apache.org/bugzilla/show_bug.cgi?id=56029
https://issues.apache.org/bugzilla/show_bug.cgi?id=55735
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578636 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Mon Mar 17 22:28:04 2014 New Revision: 1578636 URL: http://svn.apache.org/r1578636 Log: Update changelog Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1578636&r1=1578635&r2=1578636&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Mon Mar 17 22:28:04 2014 @@ -132,6 +132,12 @@ tests for this and similar scenarios and fix the additional issues those unit tests identified. Based on a patch by Larry Isaacs. (markt) + +Redefine the globalXsltFile initialisation parameter of the +DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf. +Prevent user supplied XSLTs used by the DefaultServlet from defining +external entities. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578637 - in /tomcat/tc7.0.x/trunk: ./ conf/web.xml java/org/apache/catalina/servlets/DefaultServlet.java webapps/docs/default-servlet.xml
Author: markt
Date: Mon Mar 17 22:28:42 2014
New Revision: 1578637
URL: http://svn.apache.org/r1578637
Log:
Redefine globalXsltFile as relative to CATALINA_BASE/conf or CATALINA_HOME/conf
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/conf/web.xml
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/tc7.0.x/trunk/webapps/docs/default-servlet.xml
Propchange: tomcat/tc7.0.x/trunk/
--
Merged /tomcat/trunk:r1578610
Modified: tomcat/tc7.0.x/trunk/conf/web.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/conf/web.xml?rev=1578637&r1=1578636&r2=1578637&view=diff
==
--- tomcat/tc7.0.x/trunk/conf/web.xml (original)
+++ tomcat/tc7.0.x/trunk/conf/web.xml Mon Mar 17 22:28:42 2014
@@ -88,10 +88,10 @@
-
-
-
-
+
+
+
+
default
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1578637&r1=1578636&r2=1578637&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
Mon Mar 17 22:28:42 2014
@@ -14,8 +14,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
-
package org.apache.catalina.servlets;
@@ -36,6 +34,7 @@ import java.io.StringReader;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Iterator;
+import java.util.Locale;
import java.util.StringTokenizer;
import javax.naming.InitialContext;
@@ -1606,20 +1605,24 @@ public class DefaultServlet
/* Open and read in file in one fell swoop to reduce chance
* chance of leaving handle open.
*/
-if (globalXsltFile!=null) {
-FileInputStream fis = null;
-
-try {
-File f = new File(globalXsltFile);
-if (f.exists()){
-fis =new FileInputStream(f);
+if (globalXsltFile != null) {
+File f = validateGlobalXsltFile();
+if (f != null && f.exists()){
+FileInputStream fis = null;
+try {
+fis = new FileInputStream(f);
byte b[] = new byte[(int)f.length()]; /* danger! */
fis.read(b);
return new ByteArrayInputStream(b);
+} finally {
+if (fis != null) {
+try {
+fis.close();
+} catch (IOException ioe) {
+// Ignore
+}
+}
}
-} finally {
-if (fis!=null)
-fis.close();
}
}
@@ -1628,6 +1631,50 @@ public class DefaultServlet
}
+private File validateGlobalXsltFile() {
+
+File result = null;
+String base = System.getProperty(Globals.CATALINA_BASE_PROP);
+
+if (base != null) {
+File baseConf = new File(base, "conf");
+result = validateGlobalXsltFile(baseConf);
+}
+
+if (result == null) {
+String home = System.getProperty(Globals.CATALINA_HOME_PROP);
+if (home != null) {
+File homeConf = new File(home, "conf");
+result = validateGlobalXsltFile(homeConf);
+}
+}
+
+return result;
+}
+
+
+private File validateGlobalXsltFile(File base) {
+File candidate = new File(base, globalXsltFile);
+
+// First check that the resulting path is under the provided base
+try {
+if
(!candidate.getCanonicalPath().startsWith(base.getCanonicalPath())) {
+return null;
+}
+} catch (IOException ioe) {
+return null;
+}
+
+// Next check that an .xlt or .xslt file has been specified
+String nameLower = candidate.getName().toLowerCase(Locale.ENGLISH);
+if (!nameLower.endsWith(".xslt") && !nameLower.endsWith(".xlt")) {
+return null;
+}
+
+return candidate;
+}
+
+
// protected
Methods
Modified: tomcat/tc7.0.x/trunk/webapps/docs/default-servlet.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/default-servlet.xml?rev=1578637&r1=1578636&r2=1578637&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/d
svn commit: r1578649 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: remm
Date: Mon Mar 17 22:37:57 2014
New Revision: 1578649
URL: http://svn.apache.org/r1578649
Log:
Votes.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578649&r1=1578648&r2=1578649&view=diff
==
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 22:37:57 2014
@@ -31,13 +31,13 @@ PATCHES PROPOSED TO BACKPORT:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56082
Concurrency issue in JULI's LogManager
http://svn.apache.org/r1562748
- +1: markt, kkolinko
+ +1: markt, kkolinko, remm
-1:
* Make the xmlBlockExternal option in Catalina and Jasper to be true by
default.
https://people.apache.org/~kkolinko/patches/2014-02-17_tc6_xmlBlockExternalTrue.patch
(backport of r1564747)
- +1: kkolinko, markt
+ +1: kkolinko, markt, remm
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56208
@@ -47,14 +47,14 @@ PATCHES PROPOSED TO BACKPORT:
(The r1564747 backport proposal above have to be applied first, as it
modified adjacent lines to this one)
http://svn.apache.org/r1570163
- +1: kkolinko, markt
+ +1: kkolinko, markt, remm
-1:
* Don't log to standard out in SSLValve.
Simplify: s/new String("xxx")/"xxx"/
http://svn.apache.org/r1081118
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/SSLValve.java?r1=1041511&r2=1041510&pathrev=1041511
- +1: kkolinko, markt
+ +1: kkolinko, markt, remm
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56010
@@ -62,13 +62,13 @@ PATCHES PROPOSED TO BACKPORT:
JspFactory.getPageContext API.
http://svn.apache.org/r1558811
http://svn.apache.org/r1574004 (documentation)
- +1: kkolinko, markt
+ +1: kkolinko, markt, remm
-1:
* Improve processing of chuck size from chunked headers. Avoid overflow and use
a bit shift instead of a multiplication as it is marginally faster.
http://people.apache.org/~markt/patches/2014-03-17-chunked-headers-tc6-v1.patch
- +1: markt, kkolinko
+ +1: markt, kkolinko, remm
-1:
kkolinko: Technical notes:
1. r1578329 does not belong to svn:mergeinfo, that is an unrelated commit
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578655 - in /tomcat/tc7.0.x/trunk: ./ conf/web.xml java/org/apache/catalina/servlets/DefaultServlet.java java/org/apache/catalina/servlets/LocalStrings.properties webapps/docs/default-se
Author: markt
Date: Mon Mar 17 23:04:45 2014
New Revision: 1578655
URL: http://svn.apache.org/r1578655
Log:
Prevent user supplied XSLTs from defining external entities
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/conf/web.xml
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
tomcat/tc7.0.x/trunk/webapps/docs/default-servlet.xml
Propchange: tomcat/tc7.0.x/trunk/
--
Merged /tomcat/trunk:r1578611
Modified: tomcat/tc7.0.x/trunk/conf/web.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/conf/web.xml?rev=1578655&r1=1578654&r2=1578655&view=diff
==
--- tomcat/tc7.0.x/trunk/conf/web.xml (original)
+++ tomcat/tc7.0.x/trunk/conf/web.xml Mon Mar 17 23:04:45 2014
@@ -88,10 +88,12 @@
-
-
-
-
+
+
+
+
+
+
default
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1578655&r1=1578654&r2=1578655&view=diff
==
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
Mon Mar 17 23:04:45 2014
@@ -52,10 +52,14 @@ import javax.servlet.UnavailableExceptio
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
@@ -70,6 +74,10 @@ import org.apache.naming.resources.Proxy
import org.apache.naming.resources.Resource;
import org.apache.naming.resources.ResourceAttributes;
import org.apache.tomcat.util.res.StringManager;
+import org.w3c.dom.Document;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+import org.xml.sax.ext.EntityResolver2;
/**
@@ -119,9 +127,14 @@ public class DefaultServlet
private static final long serialVersionUID = 1L;
-// - Instance Variables
+private static final DocumentBuilderFactory factory;
+
+private static final SecureEntityResolver secureEntityResolver =
+new SecureEntityResolver();
+// - Instance Variables
+
/**
* The debugging detail level for this servlet.
*/
@@ -224,6 +237,10 @@ public class DefaultServlet
urlEncoder.addSafeCharacter('.');
urlEncoder.addSafeCharacter('*');
urlEncoder.addSafeCharacter('/');
+
+factory = DocumentBuilderFactory.newInstance();
+factory.setNamespaceAware(true);
+factory.setValidating(false);
}
@@ -1233,23 +1250,22 @@ public class DefaultServlet
}
-
/**
* Decide which way to render. HTML or XML.
*/
protected InputStream render(String contextPath, CacheEntry cacheEntry)
throws IOException, ServletException {
-InputStream xsltInputStream =
-findXsltInputStream(cacheEntry.context);
+Source xsltSource = findXsltInputStream(cacheEntry.context);
-if (xsltInputStream==null) {
+if (xsltSource == null) {
return renderHtml(contextPath, cacheEntry);
}
-return renderXml(contextPath, cacheEntry, xsltInputStream);
+return renderXml(contextPath, cacheEntry, xsltSource);
}
+
/**
* Return an InputStream to an HTML representation of the contents
* of this directory.
@@ -1259,7 +1275,7 @@ public class DefaultServlet
*/
protected InputStream renderXml(String contextPath,
CacheEntry cacheEntry,
-InputStream xsltInputStream)
+Source xsltSource)
throws IOException, ServletException {
StringBuilder sb = new StringBuilder();
@@ -1353,8 +1369,7 @@ public class DefaultServlet
try {
TransformerFactory tFactory = TransformerFactory.newInstance();
Source xmlSource = new StreamSource(new
StringReader(sb.toString()));
-Source xslSource = new StreamSource(xsltInputStream);
-Trans
svn commit: r1578656 - in /tomcat/tc7.0.x/trunk: ./ webapps/docs/changelog.xml
Author: markt Date: Mon Mar 17 23:07:41 2014 New Revision: 1578656 URL: http://svn.apache.org/r1578656 Log: Update changelog Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- Merged /tomcat/trunk:r1578636 Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1578656&r1=1578655&r2=1578656&view=diff == --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Mar 17 23:07:41 2014 @@ -96,6 +96,12 @@ simply undeploy the old version of the application before deploying the new version. (markt) + +Redefine the globalXsltFile initialisation parameter of the +DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf. +Prevent user supplied XSLTs used by the DefaultServlet from defining +external entities. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1578658 - /tomcat/tc6.0.x/trunk/STATUS.txt
Author: markt Date: Mon Mar 17 23:18:07 2014 New Revision: 1578658 URL: http://svn.apache.org/r1578658 Log: Proposal Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1578658&r1=1578657&r2=1578658&view=diff == --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Mon Mar 17 23:18:07 2014 @@ -74,6 +74,14 @@ PATCHES PROPOSED TO BACKPORT: 1. r1578329 does not belong to svn:mergeinfo, that is an unrelated commit 2. changelog.xml part of the patch does not merge, because of later changes +* Redefine the globalXsltFile initialisation parameter of the + DefaultServlet as relative to CATALINA_BASE/conf or CATALINA_HOME/conf. + Prevent user supplied XSLTs used by the DefaultServlet from defining external + entities. + http://people.apache.org/~markt/patches/2014-03-17-globalXsltFile-tc6-v1.patch + +1: markt + -1: + PATCHES/ISSUES THAT ARE STALLED: - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in ASF Buildbot on tomcat-7-trunk
The Buildbot has detected a new failure on builder tomcat-7-trunk while building ASF Buildbot. Full details are available at: http://ci.apache.org/builders/tomcat-7-trunk/builds/1817 Buildbot URL: http://ci.apache.org/ Buildslave for this Build: bb-vm_ubuntu Build Reason: scheduler Build Source Stamp: [branch tomcat/tc7.0.x/trunk] 1578656 Blamelist: markt BUILD FAILED: failed compile_1 sincerely, -The Buildbot
