svn commit: r1729953 - in /tomcat/site/trunk: docs/index.html xdocs/index.xml
Author: jfclere Date: Fri Feb 12 08:00:45 2016 New Revision: 1729953 URL: http://svn.apache.org/viewvc?rev=1729953&view=rev Log: Restore broken history. Modified: tomcat/site/trunk/docs/index.html tomcat/site/trunk/xdocs/index.xml Modified: tomcat/site/trunk/docs/index.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/index.html?rev=1729953&r1=1729952&r2=1729953&view=diff == --- tomcat/site/trunk/docs/index.html (original) +++ tomcat/site/trunk/docs/index.html Fri Feb 12 08:00:45 2016 @@ -237,6 +237,37 @@ project logo are trademarks of the Apach + +2016-02-11 Tomcat 6.0.45 Released + + + +The Apache Tomcat Project is proud to announce the release of version 6.0.45 of +Apache Tomcat. This release includes a number of bug fixes over Apache Tomcat +6.0.44. The notable changes include: + + + +Update to Tomcat Native Library version 1.1.34. + + + + + +Note: End of life date for Apache Tomcat 6.0.x is announced. +Read more... + + + + + + +Download | +ChangeLog for 6.0.45 + + + + 2016-02-08 Tomcat 8.0.32 Released @@ -432,18 +463,19 @@ found in previous releases. - -2016-02-11 Tomcat 6.0.45 Released + +2015-05-12 Tomcat 6.0.44 Released -The Apache Tomcat Project is proud to announce the release of version 6.0.45 of -Apache Tomcat. This release includes a number of bug fixes over Apache Tomcat +The Apache Tomcat Project is proud to announce the release of version 6.0.44 of +Apache Tomcat. This release includes a number of security and bug fixes over Apache Tomcat 6.0.44. The notable changes include: -Update to Tomcat Native Library version 1.1.34. +Update to Tomcat Native Library version 1.1.33 to pick up the Windows + binaries that are based on OpenSSL 1.0.1m. 
@@ -458,7 +490,7 @@ Apache Tomcat. This release includes a n Download | -ChangeLog for 6.0.45 +ChangeLog for 6.0.44 Modified: tomcat/site/trunk/xdocs/index.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/index.xml?rev=1729953&r1=1729952&r2=1729953&view=diff == --- tomcat/site/trunk/xdocs/index.xml (original) +++ tomcat/site/trunk/xdocs/index.xml Fri Feb 12 08:00:45 2016 @@ -38,6 +38,25 @@ project logo are trademarks of the Apach + + +The Apache Tomcat Project is proud to announce the release of version 6.0.45 of +Apache Tomcat. This release includes a number of bug fixes over Apache Tomcat +6.0.44. The notable changes include: + + Update to Tomcat Native Library version 1.1.34. + + +Note: End of life date for Apache Tomcat 6.0.x is announced. +Read more... + + + +Download | +ChangeLog for 6.0.45 + + + The Apache Tomcat Project is proud to announce the release of version 8.0.32 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
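Review bot: The restored 6.0.44 entry in the second docs/index.html hunk (@@ -432,18 +463,19 @@) compares the release with itself. The two rewritten lines are followed by the unchanged context line "6.0.44. The notable changes include:", so the entry now reads as 6.0.44 carrying security and bug fixes over 6.0.44. That context line needs to change in the same commit so the baseline is the release that preceded 6.0.44.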
[Bug 58999] StringIndexOutOfBoundsException WebAppClassLoaderBase.filter()
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999

--- Comment #1 from Violeta Georgieva ---
Created attachment 33549
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=33549&action=edit
patch

Hi,

I'm attaching here a patch proposal so that others can comment.
I found one more problem:
Packages
org.apache.tomcat.jdbc
javax.servlet.jsp.jstl
should be permitted, but the current implementation allows only sub packages for these packages.

Regards,
Violeta
svn commit: r1729980 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Author: markt Date: Fri Feb 12 10:53:00 2016 New Revision: 1729980 URL: http://svn.apache.org/viewvc?rev=1729980&view=rev Log: Performance optimisation. For a very simple servlet this reduces processing time by ~2%. Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1729980&r1=1729979&r2=1729980&view=diff == --- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original) +++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Fri Feb 12 10:53:00 2016 @@ -858,6 +858,11 @@ public class CoyoteAdapter implements Ad ByteChunk uriBC = req.decodedURI().getByteChunk(); int semicolon = uriBC.indexOf(';', 0); +// Performance optimisation. Return as soon as it is known there are no +// path parameters; +if (semicolon == -1) { +return; +} // What encoding to use? Some platforms, eg z/os, use a default // encoding that doesn't give the expected result so be explicit - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
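Review bot: No test accompanies the new `if (semicolon == -1) return;` guard, which now sits ahead of the encoding lookup and everything after it. Path-parameter handling feeds request mapping, so a test that sends one URI without a semicolon and one with a semicolon would pin down that both paths still leave the decoded URI in the expected state. Style: the added comment ends in ";" where a full stop is meant.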
Re: svn commit: r1729980 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
On 12/02/2016 10:53, ma...@apache.org wrote:
> Author: markt
> Date: Fri Feb 12 10:53:00 2016
> New Revision: 1729980
>
> URL: http://svn.apache.org/viewvc?rev=1729980&view=rev
> Log:
> Performance optimisation. For a very simple servlet this reduces processing time by ~2%.

For the curious, I am measuring performance as follows:
- latest Java 8
- build from clean checkout
- comment out access log valve
- set maxKeepAliveRequests to -1
- deploy a simple test WAR that includes a Servlet that simply returns
  "Hello, World!" in plain text
- run ab using:
  ab -k -c 4 -n 200 http://localhost:8080/perfTest/SimpleServlet

Tests running on a fully patched 8-core Windows Server 2008R2 machine with nothing else running at the time.

After warm-up, the test is run 11 times and I am tracking mean and standard deviation for each tested configuration.

The JASPIC changes currently increase processing time by ~5%. I am working on reducing that as well as looking for opportunities for improvements elsewhere.

To put all of this in context, we are looking at a single request taking between 176 and 186 microseconds to complete. In most real-world applications, the application processing time will be orders of magnitude more than this. While most applications won't notice these improvements (or the impact of adding JASPIC) some will so I do think this exercise is worthwhile.

Mark
svn commit: r1729991 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
Author: markt Date: Fri Feb 12 11:14:25 2016 New Revision: 1729991 URL: http://svn.apache.org/viewvc?rev=1729991&view=rev Log: Simplify Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1729991&r1=1729990&r2=1729991&view=diff == --- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java (original) +++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Fri Feb 12 11:14:25 2016 @@ -368,15 +368,11 @@ public class CoyoteAdapter implements Ad // Ignore } finally { // Access log -if (!async) { -if (postParseSuccess) { -// Log only if processing was invoked. -// If postParseRequest() failed, it has already logged it. -request.getMappingData().context.logAccess( -request, response, -System.currentTimeMillis() - req.getStartTime(), -false); -} +if (!async && postParseSuccess) { +// Log only if processing was invoked. +// If postParseRequest() failed, it has already logged it. +request.getMappingData().context.logAccess(request, response, +System.currentTimeMillis() - req.getStartTime(), false); } req.getRequestProcessor().setWorkerThreadName(null); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
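Review bot: The comment kept under the merged `if (!async && postParseSuccess)` explains only the postParseSuccess half of the condition. This branch decides whether a request reaches the access log, so add a line saying where async requests get logged; otherwise the `!async` term reads like an accidental exclusion to the next person auditing log coverage.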
svn commit: r1729994 - /tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt
Author: markt Date: Fri Feb 12 11:20:05 2016 New Revision: 1729994 URL: http://svn.apache.org/viewvc?rev=1729994&view=rev Log: Add missing exclude spotted by BuildBot Modified: tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt Modified: tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt?rev=1729994&r1=1729993&r2=1729994&view=diff == --- tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt (original) +++ tomcat/tc7.0.x/trunk/res/rat/rat-excludes.txt Fri Feb 12 11:20:05 2016 @@ -22,11 +22,12 @@ - *.html files in documentation are generated from XML sources - *.md5 files are generated and cannot contain license - *.manifest JAR manifest files cannot contain license + - *.bmp image files cannot contain license - package-list files in API documentation (javadoc) are generated - bug52121-part1, bug52121-part2 files in tests are test data for a hard - to reproduce testcase and should be used as is. +to reproduce testcase and should be used as is. - other trivial test files, such as textual files containing only "OK' string, - are also excluded. +are also excluded. output/build/webapps/docs/*.html output/build/webapps/docs/appdev/*.html @@ -35,6 +36,7 @@ output/build/webapps/docs/config/*.html output/build/webapps/docs/funcspecs/*.html output/build/webapps/docs/tribes/*.html output/deployer/deployer-howto.html +output/dist/side_left.bmp output/dist/webapps/docs/*.html output/dist/webapps/docs/appdev/*.html output/dist/webapps/docs/architecture/*.html - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
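Review bot: The new description line says "*.bmp image files cannot contain license" in general, but the only pattern added in the second hunk is `output/dist/side_left.bmp`. Word the description to name that one file so nobody assumes every bitmap is exempt from the licence check. The first hunk also rewrites the two continuation lines ("to reproduce testcase..." and "are also excluded.") with no visible text change; if that is whitespace only, it is unrelated to the log message and is better left out or committed separately.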
svn commit: r1729995 - /tomcat/trunk/res/rat/rat-excludes.txt
Author: markt Date: Fri Feb 12 11:21:31 2016 New Revision: 1729995 URL: http://svn.apache.org/viewvc?rev=1729995&view=rev Log: Add missing exclude spotted by BuildBot Modified: tomcat/trunk/res/rat/rat-excludes.txt Modified: tomcat/trunk/res/rat/rat-excludes.txt URL: http://svn.apache.org/viewvc/tomcat/trunk/res/rat/rat-excludes.txt?rev=1729995&r1=1729994&r2=1729995&view=diff == --- tomcat/trunk/res/rat/rat-excludes.txt (original) +++ tomcat/trunk/res/rat/rat-excludes.txt Fri Feb 12 11:21:31 2016 @@ -47,6 +47,8 @@ - files used simply to ensure directories are not empty + - *.bmp files + output/build/webapps/docs/*.html output/build/webapps/docs/appdev/*.html output/build/webapps/docs/architecture/*.html @@ -183,3 +185,5 @@ output/dist/src/res/checkstyle/header-al res/checkstyle/header-al2.txt output/dist/temp/safeToDelete.tmp + +output/dist/side_left.bmp \ No newline at end of file - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
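Review bot: The second hunk leaves `output/dist/side_left.bmp` as the last line of the file without a trailing newline ("\ No newline at end of file"). End the file with a newline, otherwise the next exclude appended to this list can end up joined onto this entry and neither pattern will match.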
svn commit: r1729997 - /tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt
Author: markt Date: Fri Feb 12 11:23:56 2016 New Revision: 1729997 URL: http://svn.apache.org/viewvc?rev=1729997&view=rev Log: Add missing exclude spotted by BuildBot Modified: tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt Modified: tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt URL: http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt?rev=1729997&r1=1729996&r2=1729997&view=diff == --- tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt (original) +++ tomcat/tc8.0.x/trunk/res/rat/rat-excludes.txt Fri Feb 12 11:23:56 2016 @@ -32,6 +32,8 @@ - JSON files (RFC7159) are data and cannot contain comments + - unused modules + output/build/webapps/docs/*.html output/build/webapps/docs/appdev/*.html output/build/webapps/docs/architecture/*.html @@ -69,3 +71,5 @@ test/webapp-fragments/WEB-INF/classes/*. webapps/examples/WEB-INF/classes/websocket/echo/servers.json output/build/webapps/examples/WEB-INF/classes/websocket/echo/servers.json output/dist/webapps/examples/WEB-INF/classes/websocket/echo/servers.json + +modules/tomcat-lite/* \ No newline at end of file - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
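Review bot: `modules/tomcat-lite/*` in the second hunk takes a whole directory out of the licence audit, and neither the log message ("Add missing exclude spotted by BuildBot") nor the description "unused modules" says why that is acceptable. Either narrow the pattern to the files that cannot carry a header or expand the description to state the reason, since a directory-wide wildcard also hides anything added there later. The file again ends without a trailing newline; add one.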
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at:
    https://ci.apache.org/builders/tomcat-trunk/builds/1042

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build
Build Source Stamp: [branch tomcat/trunk] 1729991
Blamelist: markt

BUILD FAILED: failed compile_1

Sincerely,
 -The Buildbot
Re: svn commit: r1729980 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
2016-02-12 12:07 GMT+01:00 Mark Thomas :

> On 12/02/2016 10:53, ma...@apache.org wrote:
> > Author: markt
> > Date: Fri Feb 12 10:53:00 2016
> > New Revision: 1729980
> >
> > URL: http://svn.apache.org/viewvc?rev=1729980&view=rev
> > Log:
> > Performance optimisation. For a very simple servlet this reduces processing time by ~2%.
>
> For the curious, I am measuring performance as follows:
> - latest Java 8
> - build from clean checkout
> - comment out access log valve
> - set maxKeepAliveRequests to -1
> - deploy a simple test WAR that includes a Servlet that simply returns
>   "Hello, World!" in plain text
> - run ab using:
>   ab -k -c 4 -n 200 http://localhost:8080/perfTest/SimpleServlet

Yes, that's what I used to optimize from 4.1 to 6.0 :)

> Tests running on a fully patched 8-core Windows Server 2008R2 machine
> with nothing else running at the time.

But I didn't use that then!

> After warm-up, the test is run 11 times and I am tracking mean and
> standard deviation for each tested configuration.

Hum, well, less is fine as well IMO. This sort of ab test is also very easy to profile (-k is critical for that).

Rémy
svn commit: r1730007 - in /tomcat/tc6.0.x/trunk/res: welcome.bin.html welcome.main.html
Author: jfclere Date: Fri Feb 12 12:17:02 2016 New Revision: 1730007 URL: http://svn.apache.org/viewvc?rev=1730007&view=rev Log: Remove Itanium 64-bit Windows platforms binaries. Modified: tomcat/tc6.0.x/trunk/res/welcome.bin.html tomcat/tc6.0.x/trunk/res/welcome.main.html Modified: tomcat/tc6.0.x/trunk/res/welcome.bin.html URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/res/welcome.bin.html?rev=1730007&r1=1730006&r2=1730007&view=diff == --- tomcat/tc6.0.x/trunk/res/welcome.bin.html (original) +++ tomcat/tc6.0.x/trunk/res/welcome.bin.html Fri Feb 12 12:17:02 2016 @@ -59,10 +59,6 @@ RELEASE-NOTES and the RUNNING.txt file i 64-bit Windows specific distribution that includes the Windows service wrapper and the compiled APR/native library for use with 64-bit JVMs on x64 Windows platforms. - apache-tomcat-[version]-windows-i64.zip -64-bit Windows specific distribution that includes the Windows service -wrapper and the compiled APR/native library for use with 64-bit JVMs on -Itanium 64-bit Windows platforms. apache-tomcat-[version]-deployer.zip or .tar.gz The standalone Tomcat Web Application Deployer. apache-tomcat-[version]-fulldocs.tar.gz Modified: tomcat/tc6.0.x/trunk/res/welcome.main.html URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/res/welcome.main.html?rev=1730007&r1=1730006&r2=1730007&view=diff == --- tomcat/tc6.0.x/trunk/res/welcome.main.html (original) +++ tomcat/tc6.0.x/trunk/res/welcome.main.html Fri Feb 12 12:17:02 2016 
@@ -59,10 +59,6 @@ RELEASE-NOTES and the RUNNING.txt file i 64-bit Windows specific distribution that includes the Windows service wrapper and the compiled APR/native library for use with 64-bit JVMs on x64 Windows platforms. - apache-tomcat-[version]-windows-i64.zip -64-bit Windows specific distribution that includes the Windows service -wrapper and the compiled APR/native library for use with 64-bit JVMs on -Itanium 64-bit Windows platforms. apache-tomcat-[version]-deployer.zip or .tar.gz The standalone Tomcat Web Application Deployer. apache-tomcat-[version]-fulldocs.tar.gz - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1730008 - /tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java
Author: markt Date: Fri Feb 12 12:17:43 2016 New Revision: 1730008 URL: http://svn.apache.org/viewvc?rev=1730008&view=rev Log: Clean-up & re-order No measurable performance improvement Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java?rev=1730008&r1=1730007&r2=1730008&view=diff == --- tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterFactory.java Fri Feb 12 12:17:43 2016 @@ -50,22 +50,8 @@ public final class ApplicationFilterFact * @return The configured FilterChain instance or null if none is to be * executed. */ -public static ApplicationFilterChain createFilterChain -(ServletRequest request, Wrapper wrapper, Servlet servlet) { - -// get the dispatcher type -DispatcherType dispatcher = null; -if (request.getAttribute(Globals.DISPATCHER_TYPE_ATTR) != null) { -dispatcher = (DispatcherType) request.getAttribute( -Globals.DISPATCHER_TYPE_ATTR); -} -String requestPath = null; -Object attribute = request.getAttribute( -Globals.DISPATCHER_REQUEST_PATH_ATTR); - -if (attribute != null){ -requestPath = attribute.toString(); -} +public static ApplicationFilterChain createFilterChain(ServletRequest request, +Wrapper wrapper, Servlet servlet) { // If there is no servlet to execute, return null if (servlet == null) 
@@ -102,6 +88,15 @@ public final class ApplicationFilterFact return (filterChain); // Acquire the information we will need to match filter mappings +DispatcherType dispatcher = +(DispatcherType) request.getAttribute(Globals.DISPATCHER_TYPE_ATTR); + +String requestPath = null; +Object attribute = request.getAttribute(Globals.DISPATCHER_REQUEST_PATH_ATTR); +if (attribute != null){ +requestPath = attribute.toString(); +} + String servletName = wrapper.getName(); // Add the relevant path-mapped filters to this filter chain - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r12367 - in /release/tomcat/tomcat-6/v6.0.45: README.html bin/README.html
Author: jfclere Date: Fri Feb 12 12:19:21 2016 New Revision: 12367 Log: Remove Itanium 64-bit Windows platforms binaries. Modified: release/tomcat/tomcat-6/v6.0.45/README.html release/tomcat/tomcat-6/v6.0.45/bin/README.html Modified: release/tomcat/tomcat-6/v6.0.45/README.html == --- release/tomcat/tomcat-6/v6.0.45/README.html (original) +++ release/tomcat/tomcat-6/v6.0.45/README.html Fri Feb 12 12:19:21 2016 @@ -59,10 +59,6 @@ RELEASE-NOTES and the RUNNING.txt file i 64-bit Windows specific distribution that includes the Windows service wrapper and the compiled APR/native library for use with 64-bit JVMs on x64 Windows platforms. - apache-tomcat-[version]-windows-i64.zip -64-bit Windows specific distribution that includes the Windows service -wrapper and the compiled APR/native library for use with 64-bit JVMs on -Itanium 64-bit Windows platforms. apache-tomcat-[version]-deployer.zip or .tar.gz The standalone Tomcat Web Application Deployer. apache-tomcat-[version]-fulldocs.tar.gz Modified: release/tomcat/tomcat-6/v6.0.45/bin/README.html == --- release/tomcat/tomcat-6/v6.0.45/bin/README.html (original) +++ release/tomcat/tomcat-6/v6.0.45/bin/README.html Fri Feb 12 12:19:21 2016 @@ -59,10 +59,6 @@ RELEASE-NOTES and the RUNNING.txt file i 64-bit Windows specific distribution that includes the Windows service wrapper and the compiled APR/native library for use with 64-bit JVMs on x64 Windows platforms. - apache-tomcat-[version]-windows-i64.zip -64-bit Windows specific distribution that includes the Windows service -wrapper and the compiled APR/native library for use with 64-bit JVMs on -Itanium 64-bit Windows platforms. apache-tomcat-[version]-deployer.zip or .tar.gz The standalone Tomcat Web Application Deployer. apache-tomcat-[version]-fulldocs.tar.gz - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1730012 - /tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java
Author: markt Date: Fri Feb 12 12:28:29 2016 New Revision: 1730012 URL: http://svn.apache.org/viewvc?rev=1730012&view=rev Log: Clean-up. Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java Modified: tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java?rev=1730012&r1=1730011&r2=1730012&view=diff == --- tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java (original) +++ tomcat/trunk/java/org/apache/catalina/core/ApplicationFilterChain.java Fri Feb 12 12:28:29 2016 @@ -173,9 +173,8 @@ final class ApplicationFilterChain imple // Call the next filter if there is one if (pos < n) { ApplicationFilterConfig filterConfig = filters[pos++]; -Filter filter = null; try { -filter = filterConfig.getFilter(); +Filter filter = filterConfig.getFilter(); if (request.isAsyncSupported() && "false".equalsIgnoreCase( filterConfig.getFilterDef().getAsyncSupported())) { 
@@ -215,42 +214,33 @@ final class ApplicationFilterChain imple } // Use potentially wrapped request from this point if ((request instanceof HttpServletRequest) && -(response instanceof HttpServletResponse)) { - -if( Globals.IS_SECURITY_ENABLED ) { -final ServletRequest req = request; -final ServletResponse res = response; -Principal principal = -((HttpServletRequest) req).getUserPrincipal(); -Object[] args = new Object[]{req, res}; -SecurityUtil.doAsPrivilege("service", - servlet, - classTypeUsedInService, - args, - principal); -} else { -servlet.service(request, response); -} +(response instanceof HttpServletResponse) && +Globals.IS_SECURITY_ENABLED ) { +final ServletRequest req = request; +final ServletResponse res = response; +Principal principal = +((HttpServletRequest) req).getUserPrincipal(); +Object[] args = new Object[]{req, res}; +SecurityUtil.doAsPrivilege("service", + servlet, + classTypeUsedInService, + args, + principal); } else { servlet.service(request, response); } -} catch (IOException e) { -throw e; -} catch (ServletException e) { -throw e; -} catch (RuntimeException e) { +} catch (IOException | ServletException | RuntimeException e) { throw e; } catch (Throwable e) { +e = ExceptionUtils.unwrapInvocationTargetException(e); ExceptionUtils.handleThrowable(e); -throw new ServletException - (sm.getString("filterChain.servlet"), e); +throw new ServletException(sm.getString("filterChain.servlet"), e); } finally { if (ApplicationDispatcher.WRAP_SAME_OBJECT) { lastServicedRequest.set(null); lastServicedResponse.set(null); } } - } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
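Review bot: Unmentioned behaviour change in the `catch (Throwable e)` block of the second hunk: the added `e = ExceptionUtils.unwrapInvocationTargetException(e);` alters which throwable reaches `handleThrowable` and becomes the cause of the new ServletException, while the log message says only "Clean-up." If the unwrapped throwable is one of the types the multi-catch above rethrows unchanged (IOException, ServletException, RuntimeException), it is still wrapped in a fresh ServletException here; either rethrow those types after unwrapping or state in the commit message that the extra wrapping is intended. The folding of `Globals.IS_SECURITY_ENABLED` into the outer condition keeps every non-privileged case on `servlet.service(request, response)`, so that part needs no change.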
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at:
    https://ci.apache.org/builders/tomcat-trunk/builds/1044

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build
Build Source Stamp: [branch tomcat/trunk] 1730008
Blamelist: markt

Build succeeded!

Sincerely,
 -The Buildbot
svn commit: r1730017 - in /tomcat/site/trunk: docs/download-60.html xdocs/download-60.xml
Author: jfclere Date: Fri Feb 12 13:01:39 2016 New Revision: 1730017 URL: http://svn.apache.org/viewvc?rev=1730017&view=rev Log: Remove Itanium 64-bit Windows platforms binaries. Modified: tomcat/site/trunk/docs/download-60.html tomcat/site/trunk/xdocs/download-60.xml Modified: tomcat/site/trunk/docs/download-60.html URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-60.html?rev=1730017&r1=1730016&r2=1730017&view=diff == --- tomcat/site/trunk/docs/download-60.html (original) +++ tomcat/site/trunk/docs/download-60.html Fri Feb 12 13:01:39 2016 @@ -317,13 +317,6 @@ -64-bit Itanium Windows zip -(https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v]-windows-i64.zip.asc";>pgp, -https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v]-windows-i64.zip.md5";>md5) - - - - 32-bit/64-bit Windows Service Installer (https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v].exe.asc";>pgp, https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v].exe.md5";>md5) Modified: tomcat/site/trunk/xdocs/download-60.xml URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-60.xml?rev=1730017&r1=1730016&r2=1730017&view=diff == --- tomcat/site/trunk/xdocs/download-60.xml (original) +++ tomcat/site/trunk/xdocs/download-60.xml Fri Feb 12 13:01:39 2016 
@@ -99,11 +99,6 @@ https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v]-windows-x64.zip.md5";>md5) -64-bit Itanium Windows zip -(https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v]-windows-i64.zip.asc";>pgp, -https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v]-windows-i64.zip.md5";>md5) - - 32-bit/64-bit Windows Service Installer (https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v].exe.asc";>pgp, https://www.apache.org/dist/tomcat/tomcat-6/v[v]/bin/apache-tomcat-[v].exe.md5";>md5) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1729980 - /tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
On 12/02/2016 11:58, Rémy Maucherat wrote:
> 2016-02-12 12:07 GMT+01:00 Mark Thomas :
>
>> On 12/02/2016 10:53, ma...@apache.org wrote:
>>> Author: markt
>>> Date: Fri Feb 12 10:53:00 2016
>>> New Revision: 1729980
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1729980&view=rev
>>> Log:
>>> Performance optimisation. For a very simple servlet this reduces processing time by ~2%.
>>
>> For the curious, I am measuring performance as follows:
>> - latest Java 8
>> - build from clean checkout
>> - comment out access log valve
>> - set maxKeepAliveRequests to -1
>> - deploy a simple test WAR that includes a Servlet that simply returns
>>   "Hello, World!" in plain text
>> - run ab using:
>>   ab -k -c 4 -n 200 http://localhost:8080/perfTest/SimpleServlet
>
> Yes, that's what I used to optimize from 4.1 to 6.0 :)
>
>> Tests running on a fully patched 8-core Windows Server 2008R2 machine
>> with nothing else running at the time.
>
> But I didn't use that then!
>
>> After warm-up, the test is run 11 times and I am tracking mean and
>> standard deviation for each tested configuration.
>
> Hum, well, less is fine as well IMO. This sort of ab test is also very easy
> to profile (-k is critical for that).

Generally I agree with you. In this case I just want to be sure when I see a difference that the difference is genuine.

So far this is the only place I've managed to find somewhere to squeeze more performance out of the standard processing chain. I've still got a few areas to check but I suspect that there isn't much more to find unless we start doing stuff like moving lesser used features to optional Valves or similar (and I'm not advocating that).

Mark
svn commit: r1730034 - /tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java
Author: markt Date: Fri Feb 12 15:00:44 2016 New Revision: 1730034 URL: http://svn.apache.org/viewvc?rev=1730034&view=rev Log: Performance optimisation. For a very simple servlet this reduces processing time by ~1%. Modified: tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java Modified: tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java?rev=1730034&r1=1730033&r2=1730034&view=diff == --- tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java [UTF-8] (original) +++ tomcat/trunk/java/org/apache/coyote/AsyncStateMachine.java [UTF-8] Fri Feb 12 15:00:44 2016 @@ -411,11 +411,18 @@ public class AsyncStateMachine { public synchronized void recycle() { +// Use lastAsyncStart to determine if this instance has been used since +// it was last recycled. If it hasn't there is no need to recycle again +// which saves the relatively expensive call to notifyAll() +if (lastAsyncStart == 0) { +return; +} // Ensure in case of error that any non-container threads that have been // paused are unpaused. notifyAll(); asyncCtxt = null; state = AsyncState.DISPATCHED; +lastAsyncStart = 0; } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
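Review bot: The new guard at the top of `recycle()` treats `lastAsyncStart == 0` as proof that `state` is already DISPATCHED, `asyncCtxt` is already null and no thread is waiting, but nothing in the hunk ties those fields together. If any path changes `state` or parks a thread without first setting `lastAsyncStart`, the early return skips both `notifyAll()` and the reset, and the instance goes back into use carrying the previous request's async state. Either test the state directly in the guard (for example also requiring `asyncCtxt == null` and `state == AsyncState.DISPATCHED`) or use a dedicated flag, and document the invariant on the field so later changes keep it.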
svn commit: r1730038 - /tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java
Author: markt Date: Fri Feb 12 15:06:31 2016 New Revision: 1730038 URL: http://svn.apache.org/viewvc?rev=1730038&view=rev Log: Remove unnecessary code. The socket/processor is already added to the connections map. Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Modified: tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java?rev=1730038&r1=1730037&r2=1730038&view=diff == --- tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java (original) +++ tomcat/trunk/java/org/apache/coyote/AbstractProtocol.java Fri Feb 12 15:06:31 2016 @@ -797,7 +797,6 @@ public abstract class AbstractProtocol
[Bug 58999] StringIndexOutOfBoundsException WebAppClassLoaderBase.filter()
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999

--- Comment #2 from Shon Vella ---
Looked over the patch and I think the changes for org.apache.tomcat.jdbc javax.servlet.jsp.jstl will now incorrectly detect things like org.apache.tomcat.jdbcx and javax.servlet.jsp.jstly - Not very likely to happen in the wild I know, but I wouldn't have thought org and javax would have been very likely either.
[ANN] Apache Tomcat 6.0.45 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 6.0.45.

Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages and Java Expression Language technologies.

This release contains a number of bug fixes and improvements compared to version 6.0.44. The notable changes since 6.0.45 include:

- Update to Tomcat Native Library version 1.1.34.
- Drop support for Intel Itanium CPU.

Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html

Note: This version has 3 zip binaries: a generic one and two bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-60.cgi

Migration guides from Apache Tomcat 5.5.x:
http://tomcat.apache.org/migration.html

- The Apache Tomcat team
[Bug 58999] StringIndexOutOfBoundsException WebAppClassLoaderBase.filter()
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999

--- Comment #3 from Violeta Georgieva ---
(In reply to Shon Vella from comment #2)
> Looked over the patch and I think the changes for org.apache.tomcat.jdbc
> javax.servlet.jsp.jstl will now incorrectly detect things like
> org.apache.tomcat.jdbcx and javax.servlet.jsp.jstly - Not very likely to
> happen in the wild I know, but I wouldn't have thought org and javax would
> have been very likely either.

If you read again the code you will see that the check for these packages (org.apache.tomcat.jdbc, javax.servlet.jsp.jstl) is introduced in order to permit them not to deny them.
So if there are packages in the client code that are like those that you described above then they will be permitted.

Regards,
Violeta
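The two matching questions in this bug thread (the bare-name crash in the bug title and the jdbc/jdbcx boundary from comments #2 and #3), as an added Java example that is not Tomcat's WebappClassLoaderBase code. `PackageFilterDemo`, its method names and the two short package lists are constructed for illustration; it prints how a separator-aware check and a plain prefix check classify the same names.

```java
import java.util.Arrays;
import java.util.List;

public final class PackageFilterDemo {

    // Constructed lists for this demo. The names come from the thread; they
    // are not a copy of the packages Tomcat actually filters.
    static final List<String> FILTERED =
            Arrays.asList("javax.servlet", "org.apache.tomcat");
    static final List<String> PERMITTED =
            Arrays.asList("javax.servlet.jsp.jstl", "org.apache.tomcat.jdbc");

    /** Reads the character after the prefix with no length check. */
    static boolean underUnguarded(String name, String pkg) {
        return name.startsWith(pkg) && name.charAt(pkg.length()) == '.';
    }

    /** True only for names strictly below pkg, never for pkg itself. */
    static boolean under(String name, String pkg) {
        return name.length() > pkg.length()
                && name.startsWith(pkg)
                && name.charAt(pkg.length()) == '.';
    }

    /** True for pkg itself and for anything below it. */
    static boolean atOrUnder(String name, String pkg) {
        return name.equals(pkg) || under(name, pkg);
    }

    /**
     * Returns true when the name is filtered. The permit list is consulted
     * first, either with a separator-aware match or with a plain prefix match.
     */
    static boolean filter(String name, boolean boundaryAware) {
        for (String p : PERMITTED) {
            boolean permitted = boundaryAware
                    ? atOrUnder(name, p)
                    : name.startsWith(p);
            if (permitted) {
                return false;
            }
        }
        for (String f : FILTERED) {
            if (under(name, f)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // A name that is exactly as long as the prefix has no character
        // after it, so the unguarded form throws.
        try {
            underUnguarded("javax", "javax");
        } catch (StringIndexOutOfBoundsException e) {
            System.out.println("unguarded check on \"javax\": " + e);
        }
        System.out.println("guarded check on \"javax\":   " + under("javax", "javax"));

        // Constructed sample names.
        String[] samples = {
            "javax.servlet",
            "javax.servlet.Class",
            "org.apache.tomcat.jdbc",
            "org.apache.tomcat.jdbc.pool.DataSource",
            "org.apache.tomcat.jdbcx.Driver",
            "javax.servlet.jsp.jstly.Tag",
        };
        System.out.printf("%-42s %-16s %s%n", "name", "boundary-aware", "prefix-only");
        for (String s : samples) {
            System.out.printf("%-42s %-16b %b%n",
                    s, filter(s, true), filter(s, false));
        }
    }
}
```

The last two sample names are the ones on which the two permit checks disagree.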
[Bug 58244] two way SSL loses client certificate after a few requests
https://bz.apache.org/bugzilla/show_bug.cgi?id=58244

--- Comment #11 from David Balažic ---
Same with tomcat version 8.0.32 which bundles OpenSSL 1.0.2e (see below).

The issue remains (with the change that now IE can not connect at all, it complains about some TLS stuff, did not look into it).

Version details (from tomcat startup log):

Loaded APR based Apache Tomcat Native library 1.2.4 using APR version 1.5.1.
OpenSSL successfully initialized (OpenSSL 1.0.2e 3 Dec 2015)
svn commit: r1730101 - in /tomcat/trunk: java/org/apache/catalina/loader/WebappClassLoaderBase.java test/org/apache/catalina/loader/TestWebappClassLoader.java
Author: rjung Date: Fri Feb 12 20:35:26 2016 New Revision: 1730101 URL: http://svn.apache.org/viewvc?rev=1730101&view=rev Log: BZ 58999: Fix class and resource name filtering in WebappClassLoader. It throws a StringIndexOutOfBoundsException if the name is "org" or "javax". We currently do not filter class or resource names which are exactly equals to one of the package names of classes and resources to filter. Only classes or resources underneath that packages. Example: - "javax.servlet" will not be filtered - "javax.servlet.Class" will be filtered Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1730101&r1=1730100&r2=1730101&view=diff == --- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Fri Feb 12 20:35:26 2016 @@ -2765,6 +2765,9 @@ public abstract class WebappClassLoaderB char ch; if (name.startsWith("javax")) { /* 5 == length("javax") */ +if (name.length() == 5) { +return false; +} ch = name.charAt(5); if (isClassName && ch == '.') { /* 6 == length("javax.") */ 
@@ -2791,6 +2794,9 @@ public abstract class WebappClassLoaderB } } else if (name.startsWith("org")) { /* 3 == length("org") */ +if (name.length() == 3) { +return false; +} ch = name.charAt(3); if (isClassName && ch == '.') { /* 4 == length("org.") */ Modified: tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java?rev=1730101&r1=1730100&r2=1730101&view=diff == --- tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java (original) +++ tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Fri Feb 12 20:35:26 2016 @@ -65,10 +65,12 @@ public class TestWebappClassLoader exten public void testFilter() throws IOException { String[] classSuffixes = new String[]{ +"", "some.package.Example" }; String[] resourceSuffixes = new String[]{ +"", "some/path/test.properties", "some/path/test" }; @@ -83,7 +85,7 @@ public class TestWebappClassLoader exten "org.apache", "org.apache.tomcat.jdbc", "javax", -"javax.jsp.jstl", +"javax.servlet.jsp.jstl", "com.mycorp" }; @@ -131,20 +133,13 @@ public class TestWebappClassLoader exten for (String prefix : prefixesDeny) { for (String suffix : classSuffixes) { if (prefix.equals("")) { -name = suffix; -} else { -name = prefix + "." + suffix; -} +name = prefix + "." + suffix; Assert.assertTrue("Class '" + name + "' failed deny filter", loader.filter(name, true)); } prefix = prefix.replace('.', '/'); for (String suffix : resourceSuffixes) { -if (prefix.equals("")) { -name = suffix; -} else { -name = prefix + "/" + suffix; -} +name = prefix + "/" + suffix; Assert.assertTrue("Resource '" + name + "' failed deny filter", loader.filter(name, false)); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
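Review bot: The early `return false` added before `name.charAt(5)` in the `javax` hunk, and before `name.charAt(3)` in the `org` hunk, decides that the bare names "javax" and "org" are permitted rather than filtered, and nothing in the code says that this is intended. The log message explains the policy (exact package names are not filtered, only what lies underneath them); a one-line comment on each `return false` stating the same would keep a later reader from treating the guard as a shortcut around the exception.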
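Review bot: Adding `""` to `classSuffixes` and `resourceSuffixes` in the `@@ -65,10 +65,12 @@` hunk does not reach the input that caused the exception, because the test builds names as `prefix + "." + suffix` and `prefix + "/" + suffix` (visible in the last hunk), so an empty suffix produces "org." or "javax/" and never the bare "org" or "javax". Add an assertion that passes the prefix alone to `loader.filter()` for both the class and the resource case.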
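Review bot: In the `@@ -131,20 +133,13 @@` hunk the class loop keeps the context line `if (prefix.equals("")) {` while the `} else {` branch and its closing `}` are removed, so the block is left unclosed and the test class will not compile. The resource loop in the same hunk removes its `if (prefix.equals("")) {` line together with the branch; the class loop needs the same removal.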
svn commit: r1730102 - /tomcat/trunk/webapps/docs/changelog.xml
Author: rjung Date: Fri Feb 12 20:40:06 2016 New Revision: 1730102 URL: http://svn.apache.org/viewvc?rev=1730102&view=rev Log: Changelog update for r1730101. Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1730102&r1=1730101&r2=1730102&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Feb 12 20:40:06 2016 @@ -68,6 +68,11 @@ 58988: Special characters in the substitutions for the RewriteValve can now be quoted with a backslash. (fschumacher) + +58999: Fix class and resource name filtering in WebappClassLoader. +It throws a StringIndexOutOfBoundsException if the name is exactly +"org" or "javax". (rjung) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
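Review bot: The added 58999 entry states the defect in the present tense ("It throws a StringIndexOutOfBoundsException if the name is exactly "org" or "javax"") directly after "Fix class and resource name filtering", which can be read as the behaviour after the change. Wording such as "Previously it threw ..." or "It no longer throws ..." makes the entry unambiguous for someone scanning the changelog to see whether their version is affected.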
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at:
https://ci.apache.org/builders/tomcat-trunk/builds/1048

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: silvanus_ubuntu

Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build
Build Source Stamp: [branch tomcat/trunk] 1730102
Blamelist: rjung

BUILD FAILED: failed compile_1

Sincerely,
-The Buildbot
[Bug 58999] StringIndexOutOfBoundsException WebAppClassLoaderBase.filter()
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999

--- Comment #4 from Rainer Jung ---
Thanks to the OP for analysing the problem and to Violeta for the patch.

Please have a look at r1730101, which fixes the StringIndexOutOfBoundsException.

The only problem I saw was the charAt(), because indeed the index could have been too big. For the startsWith(), this can not happen, because the given index is always equal to the known minimal length of the string (one more than the last index of the string). Javadoc tells us this is allowed, even an index bigger than the string length is allowed here: "The result is false if toffset is negative or greater than the length of this String object".

Concerning the filtering, when the name parameter is exactly equal to one of the denied package names (package names to filter), IMHO it is OK to permit them unless they are followed by a sub package, class or resource name. I see no harm in permitting the package names without anything after them.

If you agree, I'll backport.
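The bounds behaviour discussed in comment #4, as an added example that is not part of the thread and not Tomcat's `WebappClassLoaderBase.filter()`: a simplified model in which `charAt()` throws for a name that is exactly the root prefix, while `startsWith(prefix, toffset)` returns false for an out-of-range offset. The class name `PrefixFilterDemo`, the rule tables, the `guarded` flag and the sample names are assumptions made for the demonstration.

```java
/**
 * Added example: simplified model of a class loader name filter.
 * Not Tomcat's code; rule tables and names are assumptions for the demo.
 */
public class PrefixFilterDemo {

    // {root, sub-package below the root}, taken from names quoted on this page.
    static final String[][] DENY = {
        {"javax", "servlet"},
        {"org", "apache.catalina"},
        {"org", "apache.coyote"},
    };
    // Permitted exception below a denied sub-package.
    static final String[][] PERMIT = {
        {"javax", "servlet.jsp.jstl"},
    };

    /** True if the text after "root + sep" starts with a rule's sub-package plus sep. */
    static boolean matches(String[][] rules, String root, String name, char sep) {
        int offset = root.length() + 1;
        for (String[] rule : rules) {
            if (!rule[0].equals(root)) {
                continue;
            }
            String sub = rule[1].replace('.', sep) + sep;
            // startsWith(prefix, toffset) returns false instead of throwing
            // when toffset is greater than name.length().
            if (name.startsWith(sub, offset)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true if the name must be filtered (denied). */
    static boolean filter(String name, boolean isClassName, boolean guarded) {
        char sep = isClassName ? '.' : '/';
        for (String root : new String[] {"javax", "org"}) {
            if (!name.startsWith(root)) {
                continue;
            }
            if (guarded && name.length() == root.length()) {
                return false; // bare "javax" or "org": nothing below it, permit
            }
            // Without the guard this throws StringIndexOutOfBoundsException
            // when name is exactly the root.
            char ch = name.charAt(root.length());
            if (ch != sep) {
                return false; // e.g. "organic.Foo" only shares leading characters
            }
            if (matches(PERMIT, root, name, sep)) {
                return false;
            }
            return matches(DENY, root, name, sep);
        }
        return false;
    }

    /** Runs the filter and reports the exception as a result instead of propagating it. */
    static String run(String name, boolean isClassName, boolean guarded) {
        try {
            return filter(name, isClassName, guarded) ? "deny" : "permit";
        } catch (StringIndexOutOfBoundsException e) {
            return "StringIndexOutOfBoundsException";
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: {name, "class" or "resource"}.
        String[][] samples = {
            {"org", "class"},
            {"javax", "resource"},
            {"org.", "class"},
            {"javax.servlet", "class"},
            {"javax.servlet.Class", "class"},
            {"javax/servlet/jsp/jstl/core.tld", "resource"},
            {"org/apache/catalina/x.properties", "resource"},
            {"organic.Foo", "class"},
        };
        for (String[] s : samples) {
            boolean isClass = s[1].equals("class");
            System.out.printf("%-36s %-8s unguarded=%-32s guarded=%s%n",
                    s[0], s[1], run(s[0], isClass, false), run(s[0], isClass, true));
        }
    }
}
```

Only the two bare roots differ between the columns: the unguarded path reports the exception, the guarded path permits them, and every other sample gives the same decision either way.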
Re: svn commit: r1730101 - in /tomcat/trunk: java/org/apache/catalina/loader/WebappClassLoaderBase.java test/org/apache/catalina/loader/TestWebappClassLoader.java
Hi, 2016-02-12 22:35 GMT+02:00 : > > Author: rjung > Date: Fri Feb 12 20:35:26 2016 > New Revision: 1730101 > > URL: http://svn.apache.org/viewvc?rev=1730101&view=rev > Log: > BZ 58999: Fix class and resource name > filtering in WebappClassLoader. > > It throws a StringIndexOutOfBoundsException > if the name is "org" or "javax". > > We currently do not filter class or resource > names which are exactly equals to one of the > package names of classes and resources to > filter. Only classes or resources underneath > that packages. > > Example: > - "javax.servlet" will not be filtered > - "javax.servlet.Class" will be filtered > > Modified: > tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java > tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java > > Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1730101&r1=1730100&r2=1730101&view=diff > == > --- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java (original) > +++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Fri Feb 12 20:35:26 2016 > @@ -2765,6 +2765,9 @@ public abstract class WebappClassLoaderB > char ch; > if (name.startsWith("javax")) { > /* 5 == length("javax") */ > +if (name.length() == 5) { > +return false; > +} > ch = name.charAt(5); > if (isClassName && ch == '.') { > /* 6 == length("javax.") */ 
> @@ -2791,6 +2794,9 @@ public abstract class WebappClassLoaderB > } > } else if (name.startsWith("org")) { > /* 3 == length("org") */ > +if (name.length() == 3) { > +return false; > +} > ch = name.charAt(3); > if (isClassName && ch == '.') { > /* 4 == length("org.") */ > > Modified: tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java?rev=1730101&r1=1730100&r2=1730101&view=diff > == > --- tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java (original) > +++ tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Fri Feb 12 20:35:26 2016 > @@ -65,10 +65,12 @@ public class TestWebappClassLoader exten > public void testFilter() throws IOException { > > String[] classSuffixes = new String[]{ > +"", With this test we would like to test "org" and "javax", but then why we add "." and "/" when the suffix is empty string? > "some.package.Example" > }; > > String[] resourceSuffixes = new String[]{ > +"", > "some/path/test.properties", > "some/path/test" > }; > @@ -83,7 +85,7 @@ public class TestWebappClassLoader exten > "org.apache", > "org.apache.tomcat.jdbc", > "javax", > -"javax.jsp.jstl", > +"javax.servlet.jsp.jstl", > "com.mycorp" > }; 
> > @@ -131,20 +133,13 @@ public class TestWebappClassLoader exten > for (String prefix : prefixesDeny) { > for (String suffix : classSuffixes) { > if (prefix.equals("")) { This one should be removed. Currently it breaks the build. > -name = suffix; > -} else { > -name = prefix + "." + suffix; > -} > +name = prefix + "." + suffix; > Assert.assertTrue("Class '" + name + "' failed deny filter", > loader.filter(name, true)); > } > prefix = prefix.replace('.', '/'); > for (String suffix : resourceSuffixes) { > -if (prefix.equals("")) { > -name = suffix; > -} else { > -name = prefix + "/" + suffix; > -} > +name = prefix + "/" + suffix; > Assert.assertTrue("Resource '" + name + "' failed deny filter", > loader.filter(name, false)); > } > > > Regards, Violeta > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
svn commit: r1730137 - /tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java
Author: rjung Date: Fri Feb 12 22:37:01 2016 New Revision: 1730137 URL: http://svn.apache.org/viewvc?rev=1730137&view=rev Log: Fix test compilation. Thanks Violeta. (never do last minute changes) Split test in 3 sections: - general prefix/suffix combinations, all combinations permitted - permit/suffix combinations, permit if suffix is not empty - deny/suffix combinations, deny if suffix is not empty Modified: tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Modified: tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java?rev=1730137&r1=1730136&r2=1730137&view=diff == --- tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java (original) +++ tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Fri Feb 12 22:37:01 2016 @@ -75,7 +75,7 @@ public class TestWebappClassLoader exten "some/path/test" }; -String[] prefixesPermit = new String[]{ +String[] prefixes = new String[]{ "", "resources", "WEB-INF", @@ -83,12 +83,15 @@ public class TestWebappClassLoader exten "WEB-INF.lib", "org", "org.apache", -"org.apache.tomcat.jdbc", "javax", -"javax.servlet.jsp.jstl", "com.mycorp" }; +String[] prefixesPermit = new String[]{ +"org.apache.tomcat.jdbc", +"javax.servlet.jsp.jstl", +}; + String[] prefixesDeny = new String[]{ "org.apache.catalina", "org.apache.coyote", @@ -106,7 +109,7 @@ public class TestWebappClassLoader exten try (WebappClassLoader loader = new WebappClassLoader()) { String name; -for (String prefix : prefixesPermit) { +for (String prefix : prefixes) { for (String suffix : classSuffixes) { name = prefix + "." + suffix; Assert.assertTrue("Class '" + name + "' failed permit filter", 
@@ -116,6 +119,11 @@ public class TestWebappClassLoader exten Assert.assertTrue("Class '" + name + "' failed permit filter", !loader.filter(name, true)); } +if (suffix.equals("")) { +name = prefix; +Assert.assertTrue("Class '" + name + "' failed permit filter", + !loader.filter(name, true)); +} } prefix = prefix.replace('.', '/'); for (String suffix : resourceSuffixes) { @@ -127,12 +135,30 @@ public class TestWebappClassLoader exten Assert.assertTrue("Resource '" + name + "' failed permit filter", !loader.filter(name, false)); } +if (suffix.equals("")) { +name = prefix; +Assert.assertTrue("Resource '" + name + "' failed permit filter", + !loader.filter(name, false)); +} +} +} + +for (String prefix : prefixesPermit) { +for (String suffix : classSuffixes) { +name = prefix + "." + suffix; +Assert.assertTrue("Class '" + name + "' failed permit filter", + !loader.filter(name, true)); +} +prefix = prefix.replace('.', '/'); +for (String suffix : resourceSuffixes) { +name = prefix + "/" + suffix; +Assert.assertTrue("Resource '" + name + "' failed permit filter", + !loader.filter(name, false)); } } for (String prefix : prefixesDeny) { for (String suffix : classSuffixes) { -if (prefix.equals("")) { name = prefix + "." + suffix; Assert.assertTrue("Class '" + name + "' failed deny filter", loader.filter(name, true)); - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
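Review bot: The new `prefixesPermit` loop, and the `prefixesDeny` loop whose stray `if` the last hunk removes, have no check on the suffix, so with the `""` entries in the suffix arrays they assert on names that end in a separator, such as "org.apache.tomcat.jdbc." or "org/apache/catalina/", while the log message describes these two sections as applying "if suffix is not empty". Either skip the empty suffix in those loops, as the `if (suffix.equals(""))` blocks added to the general loop already special-case it, or add a comment saying that a trailing "." or "/" is deliberately covered.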
Re: svn commit: r1730101 - in /tomcat/trunk: java/org/apache/catalina/loader/WebappClassLoaderBase.java test/org/apache/catalina/loader/TestWebappClassLoader.java
Hi Violeta,

build breakage fixed in r1730137.

I adjusted the test to better reflect what's implemented currently:

- deny if name is something below the denied package. We don't care for the package names themselves without anything added.
- permit exclude rules work the same way, only permit for something below the permitted packages. Don't care for package name itself
- permit any other combination of prefix/suffix (here's the place for the "org" and "javax" test)

OK?

Regards,

Rainer

On 12.02.2016 at 22:20, Violeta Georgieva wrote:
2016-02-12 22:35 GMT+02:00 : Author: rjung Date: Fri Feb 12 20:35:26 2016 New Revision: 1730101 URL: http://svn.apache.org/viewvc?rev=1730101&view=rev Log: BZ 58999: Fix class and resource name filtering in WebappClassLoader. It throws a StringIndexOutOfBoundsException if the name is "org" or "javax". We currently do not filter class or resource names which are exactly equals to one of the package names of classes and resources to filter. Only classes or resources underneath that packages. Example: - "javax.servlet" will not be filtered - "javax.servlet.Class" will be filtered Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Modified: tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1730101&r1=1730100&r2=1730101&view=diff == --- tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java (original) +++ tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Fri Feb 12 20:35:26 2016 @@ -2765,6 +2765,9 @@ public abstract class WebappClassLoaderB char ch; if (name.startsWith("javax")) { /* 5 == length("javax") */ +if (name.length() == 5) { +return false; +} ch = name.charAt(5); if (isClassName && ch == '.') { /* 6 == length("javax.") */ 
@@ -2791,6 +2794,9 @@ public abstract class WebappClassLoaderB } } else if (name.startsWith("org")) { /* 3 == length("org") */ +if (name.length() == 3) { +return false; +} ch = name.charAt(3); if (isClassName && ch == '.') { /* 4 == length("org.") */ Modified: tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java?rev=1730101&r1=1730100&r2=1730101&view=diff == --- tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java (original) +++ tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Fri Feb 12 20:35:26 2016 @@ -65,10 +65,12 @@ public class TestWebappClassLoader exten public void testFilter() throws IOException { String[] classSuffixes = new String[]{ +"", With this test we would like to test "org" and "javax", but then why we add "." and "/" when the suffix is empty string? "some.package.Example" }; String[] resourceSuffixes = new String[]{ +"", "some/path/test.properties", "some/path/test" }; @@ -83,7 +85,7 @@ public class TestWebappClassLoader exten "org.apache", "org.apache.tomcat.jdbc", "javax", -"javax.jsp.jstl", +"javax.servlet.jsp.jstl", "com.mycorp" }; @@ -131,20 +133,13 @@ public class TestWebappClassLoader exten for (String prefix : prefixesDeny) { for (String suffix : classSuffixes) { if (prefix.equals("")) { This one should be removed. Currently it breaks the build. -name = suffix; -} else { -name = prefix + "." + suffix; -} +name = prefix + "." + suffix; Assert.assertTrue("Class '" + name + "' failed deny filter", loader.filter(name, true)); } prefix = prefix.replace('.', '/'); for (String suffix : resourceSuffixes) { -if (prefix.equals("")) { -name = suffix; -} else { -name = prefix + "/" + suffix; -} +name = prefix + "/" + suffix; Assert.assertTrue("Resource '" + name + "' failed deny filter", loader.filter(name, fal
[GUMP@vmgump]: Project tomcat-tc8.0.x-test-nio2 (in module tomcat-8.0.x) failed
To whom it may engage...

This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org.

Project tomcat-tc8.0.x-test-nio2 has an issue affecting its community integration. This issue affects 1 projects, and has been outstanding for 2 runs. The current state of this project is 'Failed', with reason 'Build Failed'.

For reference only, the following projects are affected by this:
- tomcat-tc8.0.x-test-nio2 : Tomcat 8.x, a web server implementing the Java Servlet 3.1, ...

Full details are available at:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/index.html

That said, some information snippets are provided here.

The following annotations (debug/informational/warning/error messages) were provided:
-DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz.
-DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz.
-INFO- Failed with reason build failed
-INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/logs-NIO2
-INFO- Project Reports in: /srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs
-WARNING- No directory [/srv/gump/public/workspace/tomcat-8.0.x/output/test-tmp-NIO2/logs]

The following work was performed:
http://vmgump.apache.org/gump/public/tomcat-8.0.x/tomcat-tc8.0.x-test-nio2/gump_work/build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2.html
Work Name: build_tomcat-8.0.x_tomcat-tc8.0.x-test-nio2 (Type: Build)
Work ended in a state of : Failed
Elapsed: 47 mins 11 secs
Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dtest.reports=output/logs-NIO2 -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160213-native-src.tar.gz -Dexamples.sources.skip=true -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160213.jar -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160213-native-src.tar.gz -Dtest.temp=output/test-tmp-NIO2 -Dtest.accesslog=true -Dexecute.test.nio=false -Dtest.openssl.path=/srv/gump/public/workspace/openssl-1.0.2/dest-20160213/bin/openssl -Dexecute.test.bio=false -Dexecute.test.apr=false -Dtest.excludePerformance=true -Dexecute.test.nio2=true -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test
[Working Directory: /srv/gump/public/workspace/tomcat-8.0.x]
Re: svn commit: r1730101 - in /tomcat/trunk: java/org/apache/catalina/loader/WebappClassLoaderBase.java test/org/apache/catalina/loader/TestWebappClassLoader.java
2016-02-13 0:40 GMT+02:00 Rainer Jung :
>
> Hi Violeta,
>
> build breakage fixed in r1730137.
>
> I adjusted the test to better reflect what's implemented currently:
>
> - deny if name is something below the denied package. We don't care for the package names themselves without anything added.
> - permit exclude rules work the same way, only permit for something below the permitted packages. Don't care for package name itself
> - permit any other combination of prefix/suffix (here's the place for the "org" and "javax" test)
>
> OK?

Thanks,
Violeta

> Regards,
>
> Rainer
>
>
> On 12.02.2016 at 22:20, Violeta Georgieva wrote:
>> >> 2016-02-12 22:35 GMT+02:00 : >>> >>> >>> Author: rjung >>> Date: Fri Feb 12 20:35:26 2016 >>> New Revision: 1730101 >>> >>> URL: http://svn.apache.org/viewvc?rev=1730101&view=rev >>> Log: >>> BZ 58999: Fix class and resource name >>> filtering in WebappClassLoader. >>> >>> It throws a StringIndexOutOfBoundsException >>> if the name is "org" or "javax". >>> >>> We currently do not filter class or resource >>> names which are exactly equals to one of the >>> package names of classes and resources to >>> filter. Only classes or resources underneath >>> that packages. >>> >>> Example: >>> - "javax.servlet" will not be filtered >>> - "javax.servlet.Class" will be filtered >>> >>> Modified: >>> >> tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java >>> >>> >> tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java >>> >>> >>> Modified: >> >> tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java >>> >>> URL: >> >> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java?rev=1730101&r1=1730100&r2=1730101&view=diff >>> >>> >> == >>> >>> --- >> >> tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java >> (original) >>> >>> +++ >> >> tomcat/trunk/java/org/apache/catalina/loader/WebappClassLoaderBase.java Fri >> Feb 12 20:35:26 2016 
>>> >>> @@ -2765,6 +2765,9 @@ public abstract class WebappClassLoaderB >>> char ch; >>> if (name.startsWith("javax")) { >>> /* 5 == length("javax") */ >>> +if (name.length() == 5) { >>> +return false; >>> +} >>> ch = name.charAt(5); >>> if (isClassName && ch == '.') { >>> /* 6 == length("javax.") */ >>> @@ -2791,6 +2794,9 @@ public abstract class WebappClassLoaderB >>> } >>> } else if (name.startsWith("org")) { >>> /* 3 == length("org") */ >>> +if (name.length() == 3) { >>> +return false; >>> +} >>> ch = name.charAt(3); >>> if (isClassName && ch == '.') { >>> /* 4 == length("org.") */ >>> >>> Modified: >> >> tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java >>> >>> URL: >> >> http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java?rev=1730101&r1=1730100&r2=1730101&view=diff >>> >>> >> == >>> >>> --- >> >> tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java >> (original) >>> >>> +++ >> >> tomcat/trunk/test/org/apache/catalina/loader/TestWebappClassLoader.java Fri >> Feb 12 20:35:26 2016 >>> >>> @@ -65,10 +65,12 @@ public class TestWebappClassLoader exten >>> public void testFilter() throws IOException { >>> >>> String[] classSuffixes = new String[]{ >>> +"", >> >> >> >> With this test we would like to test "org" and "javax", but then why we add >> "." and "/" when the suffix is empty string? >> >> >>> "some.package.Example" >>> }; >>> >>> String[] resourceSuffixes = new String[]{ >>> +"", >>> "some/path/test.properties", >>> "some/path/test" >>> }; >>> @@ -83,7 +85,7 @@ public class TestWebappClassLoader exten >>> "org.apache", >>> "org.apache.tomcat.jdbc", >>> "javax", >>> -"javax.jsp.jstl", >>> +"javax.servlet.jsp.jstl", >>> "com.mycorp" >>> }; 
>>> >>> @@ -131,20 +133,13 @@ public class TestWebappClassLoader exten >>> for (String prefix : prefixesDeny) { >>> for (String suffix : classSuffixes) { >>> if (prefix.equals("")) { >> >> >> This one should be removed. Currently it breaks the build. >> >>> -name = suffix; >>> -} else { >>> -name = prefix + "." + suffix; >>> -} >>> +name = prefix + "." + suffix; >>> Assert.assertTrue("Class '" + name + "' failed deny >> >> filter", >>> >>>
[Bug 58999] StringIndexOutOfBoundsException WebAppClassLoaderBase.filter()
https://bz.apache.org/bugzilla/show_bug.cgi?id=58999

--- Comment #5 from Violeta Georgieva ---
(In reply to Rainer Jung from comment #4)
> Thanks to the OP for analysing the problem and to Violeta for the patch.
>
> Please have a look at r1730101, which fixes the
> StringIndexOutOfBoundsException.
>
> The only problem I saw was the charAt(), because indeed the index could have
> been too big. For the startsWith(), this can not happen, because the given
> index is always equal to the known minimal length of the string (one more
> than the last index of the string). Javadoc tells us this is allowed, even
> an index bigger than the string length is allowed here: "The result is false
> if toffset is negative or greater than the length of this String object".
>
> Concerning the filtering, when the name parameter is exactly equal to one
> of the denied package names (package names to filter), IMHO it is OK to
> permit them unless they are followed by a sub package, class or resource
> name. I see no harm in permitting the package names without anything after
> them.
>
> If you agree, I'll backport.

Thanks,
Violeta