svn commit: r1734375 - in /tomcat/trunk: java/org/apache/catalina/connector/Connector.java java/org/apache/catalina/core/AprLifecycleListener.java webapps/docs/apr.xml webapps/docs/changelog.xml webap
Author: remm
Date: Thu Mar 10 09:38:16 2016
New Revision: 1734375
URL: http://svn.apache.org/viewvc?rev=1734375&view=rev
Log:
Remove APR listener documentation duplication.
59150: Add a new useOpenSSL flag, default to true.
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Connector.java
tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
tomcat/trunk/webapps/docs/apr.xml
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/listeners.xml
Modified: tomcat/trunk/java/org/apache/catalina/connector/Connector.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Connector.java?rev=1734375&r1=1734374&r2=1734375&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/connector/Connector.java (original)
+++ tomcat/trunk/java/org/apache/catalina/connector/Connector.java Thu Mar 10
09:38:16 2016
@@ -996,6 +996,7 @@ public class Connector extends Lifecycle
getProtocolHandlerClassName()));
}
if (AprLifecycleListener.isAprAvailable() &&
+AprLifecycleListener.getUseOpenSSL() &&
protocolHandler instanceof AbstractHttp11JsseProtocol) {
AbstractHttp11JsseProtocol jsseProtocolHandler =
(AbstractHttp11JsseProtocol) protocolHandler;
Modified: tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java?rev=1734375&r1=1734374&r2=1734375&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java Thu
Mar 10 09:38:16 2016
@@ -79,6 +79,7 @@ public class AprLifecycleListener
protected static boolean aprInitialized = false;
protected static boolean aprAvailable = false;
protected static boolean useAprConnector = false;
+protected static boolean useOpenSSL = true;
protected static boolean fipsModeActive = false;
/**
@@ -405,4 +406,14 @@ public class AprLifecycleListener
return useAprConnector;
}
+public void setUseOpenSSL(boolean useOpenSSL) {
+if (useOpenSSL != AprLifecycleListener.useOpenSSL) {
+AprLifecycleListener.useOpenSSL = useOpenSSL;
+}
+}
+
+public static boolean getUseOpenSSL() {
+return useOpenSSL;
+}
+
}
Modified: tomcat/trunk/webapps/docs/apr.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/apr.xml?rev=1734375&r1=1734374&r2=1734375&view=diff
==
--- tomcat/trunk/webapps/docs/apr.xml (original)
+++ tomcat/trunk/webapps/docs/apr.xml Thu Mar 10 09:38:16 2016
@@ -130,42 +130,8 @@
-
-
-
-
- Allows using OpenSSL FIPS mode. If set to on, Tomcat will
enter FIPS mode if needed.
- If set to require, Tomcat will fail to start if FIPS mode
was not active. If set
- to enter, Tomcat will enter FIPS mode and will cause an
error if FIPS mode was active.
- If unset or set to off, Tomcat will not check FIPS status.
-
-
-
-
- Name of the SSLEngine to use. off: Do not use SSL, on: Use SSL but no
specific ENGINE.
- The default value is on.
- This initializes the native SSL engine, then enable the use of this
engine in the connector
- using the SSLEnabled attribute. Example:
-
-
-
-See the http://www.openssl.org";>Official OpenSSL
- website for more details on SSL hardware engines and manufacturers.
-
-
-
-
- If specified, this sets a random source that will be used by OpenSSL.
-
-
-
-
- Set to true to use the APR connector by default. The
default value is
- false, which will use the NIO connector with the JSSE
OpenSSL implementation instead.
-
-
-
-
+See the
+listener configuration.
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734375&r1=1734374&r2=1734375&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Mar 10 09:38:16 2016
@@ -180,6 +180,10 @@
added additional (and arguably unnecessary) validation to the provided
redirect location. (markt)
+
+59150: Add an additional flag on APR listener to allow
+disabling automatic use of OpenSSL. (remm)
+
Modified: tomcat/trunk/webapps/docs/config/listeners.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=1734375&
[Bug 59150] Add explicit flag to AprLifecycleListener to enable autoconfiguration of sslImplementationName
https://bz.apache.org/bugzilla/show_bug.cgi?id=59150 Remy Maucherat changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #5 from Remy Maucherat --- I added a useOpenSSL flag, it's shorter and should be mostly equivalent to useOpensslJsseImplementation. Good luck with M4 and the forking. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734377 - in /tomcat/trunk: java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino
Date: Thu Mar 10 09:54:07 2016
New Revision: 1734377
URL: http://svn.apache.org/viewvc?rev=1734377&view=rev
Log:
If promoting a proxy node to a primary node when getting a session, notify the
change of the new primary node to the original backup node.
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
tomcat/trunk/webapps/docs/changelog.xml
Modified:
tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java?rev=1734377&r1=1734376&r2=1734377&view=diff
==
---
tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
Thu Mar 10 09:54:07 2016
@@ -950,6 +950,13 @@ public abstract class AbstractReplicated
backup = entry.getBackupNodes();
if ( msg.getValue()!=null ) entry.setValue((V)
msg.getValue());
+// notify member
+msg = new MapMessage(getMapContextName(),
MapMessage.MSG_NOTIFY_MAPMEMBER,false,
+(Serializable)entry.getKey(), null, null,
channel.getLocalMember(false), backup);
+if ( backup != null && backup.length > 0) {
+getChannel().send(backup, msg,
getChannelSendOptions());
+}
+
//invalidate the previous primary
msg = new
MapMessage(getMapContextName(),MapMessage.MSG_PROXY,false,(Serializable)key,null,null,channel.getLocalMember(false),backup);
Member[] dest = getMapMembersExcl(backup);
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734377&r1=1734376&r2=1734377&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Mar 10 09:54:07 2016
@@ -273,6 +273,15 @@
+
+
+
+If promoting a proxy node to a primary node when getting a session,
+notify the change of the new primary node to the original backup node.
+(kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734378 - in /tomcat/tc8.0.x/trunk: java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino
Date: Thu Mar 10 09:55:09 2016
New Revision: 1734378
URL: http://svn.apache.org/viewvc?rev=1734378&view=rev
Log:
If promoting a proxy node to a primary node when getting a session, notify the
change of the new primary node to the original backup node.
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java?rev=1734378&r1=1734377&r2=1734378&view=diff
==
---
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
Thu Mar 10 09:55:09 2016
@@ -949,6 +949,13 @@ public abstract class AbstractReplicated
backup = entry.getBackupNodes();
if ( msg.getValue()!=null ) entry.setValue((V)
msg.getValue());
+// notify member
+msg = new MapMessage(getMapContextName(),
MapMessage.MSG_NOTIFY_MAPMEMBER,false,
+(Serializable)entry.getKey(), null, null,
channel.getLocalMember(false), backup);
+if ( backup != null && backup.length > 0) {
+getChannel().send(backup, msg,
getChannelSendOptions());
+}
+
//invalidate the previous primary
msg = new
MapMessage(getMapContextName(),MapMessage.MSG_PROXY,false,(Serializable)key,null,null,channel.getLocalMember(false),backup);
Member[] dest = getMapMembersExcl(backup);
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1734378&r1=1734377&r2=1734378&view=diff
==
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Thu Mar 10 09:55:09 2016
@@ -242,6 +242,15 @@
+
+
+
+If promoting a proxy node to a primary node when getting a session,
+notify the change of the new primary node to the original backup node.
+(kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734379 - in /tomcat/tc7.0.x/trunk: java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java webapps/docs/changelog.xml
Author: kfujino
Date: Thu Mar 10 09:55:59 2016
New Revision: 1734379
URL: http://svn.apache.org/viewvc?rev=1734379&view=rev
Log:
If promoting a proxy node to a primary node when getting a session, notify the
change of the new primary node to the original backup node.
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java?rev=1734379&r1=1734378&r2=1734379&view=diff
==
---
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
(original)
+++
tomcat/tc7.0.x/trunk/java/org/apache/catalina/tribes/tipis/AbstractReplicatedMap.java
Thu Mar 10 09:55:59 2016
@@ -949,6 +949,13 @@ public abstract class AbstractReplicated
msg.deserialize(getExternalLoaders());
backup = entry.getBackupNodes();
if ( msg.getValue()!=null ) entry.setValue((V)
msg.getValue());
+
+// notify member
+msg = new MapMessage(getMapContextName(),
MapMessage.MSG_NOTIFY_MAPMEMBER,false,
+(Serializable)entry.getKey(), null, null,
channel.getLocalMember(false), backup);
+if ( backup != null && backup.length > 0) {
+getChannel().send(backup, msg,
getChannelSendOptions());
+}
//invalidate the previous primary
msg = new
MapMessage(getMapContextName(),MapMessage.MSG_PROXY,false,(Serializable)key,null,null,channel.getLocalMember(false),backup);
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1734379&r1=1734378&r2=1734379&view=diff
==
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Mar 10 09:55:59 2016
@@ -174,6 +174,15 @@
+
+
+
+If promoting a proxy node to a primary node when getting a session,
+notify the change of the new primary node to the original backup node.
+(kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59145] Incorrect warning logging on invalidate session when using SingleSignOn valve
https://bz.apache.org/bugzilla/show_bug.cgi?id=59145 Coen Wouters changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|DUPLICATE |--- --- Comment #2 from Coen Wouters --- (In reply to Mark Thomas from comment #1) > > *** This bug has been marked as a duplicate of bug 59043 *** Tried with latest sources of tomcat 7 trunk from http://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk/ and the problem can still be reproduced -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 57583] Performance issue evaluating EL in custom tags (tagx) due to inefficient calls to java.lang.Class.forName()
https://bz.apache.org/bugzilla/show_bug.cgi?id=57583 Mark Thomas changed: What|Removed |Added Status|RESOLVED|REOPENED Resolution|FIXED |--- --- Comment #6 from Mark Thomas --- I think I have a way to address the performance issues without breaking the spec. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734398 - /tomcat/trunk/test/org/apache/el/TestELInJsp.java
Author: markt Date: Thu Mar 10 12:38:49 2016 New Revision: 1734398 URL: http://svn.apache.org/viewvc?rev=1734398&view=rev Log: Fix comment typo Modified: tomcat/trunk/test/org/apache/el/TestELInJsp.java Modified: tomcat/trunk/test/org/apache/el/TestELInJsp.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/el/TestELInJsp.java?rev=1734398&r1=1734397&r2=1734398&view=diff == --- tomcat/trunk/test/org/apache/el/TestELInJsp.java (original) +++ tomcat/trunk/test/org/apache/el/TestELInJsp.java Thu Mar 10 12:38:49 2016 @@ -463,9 +463,9 @@ public class TestELInJsp extends TomcatB String result = res.toString(); // javax.servlet assertEcho(result, "00-" + DispatcherType.ASYNC); -// No obvious status fields for javax.servlet.http +// No obvious static fields for javax.servlet.http // Could hack something with HttpUtils... -// No obvious status fields for javax.servlet.jsp +// No obvious static fields for javax.servlet.jsp // Wild card (package) import assertEcho(result, "01-" + BigDecimal.ROUND_UP); // Class import - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734418 - in /tomcat/trunk: java/javax/servlet/jsp/el/ScopedAttributeELResolver.java java/org/apache/el/parser/AstIdentifier.java webapps/docs/changelog.xml
Author: markt
Date: Thu Mar 10 14:22:51 2016
New Revision: 1734418
URL: http://svn.apache.org/viewvc?rev=1734418&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57583
Improve long standing performance issue with EL and undefined attributes.
Modified:
tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java?rev=1734418&r1=1734417&r2=1734418&view=diff
==
--- tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
(original)
+++ tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java Thu
Mar 10 14:22:51 2016
@@ -35,6 +35,20 @@ import javax.servlet.jsp.PageContext;
*/
public class ScopedAttributeELResolver extends ELResolver {
+// Indicates if a performance short-cut is available
+private static final Class AST_IDENTIFIER_KEY;
+
+static {
+Class key = null;
+try {
+key = Class.forName("org.apache.el.parser.AstIdentifier");
+} catch (Exception e) {
+// Ignore: Expected if not running on Tomcat. Not a problem since
+// this just allows a short-cut.
+}
+AST_IDENTIFIER_KEY = key;
+}
+
@Override
public Object getValue(ELContext context, Object base, Object property) {
if (context == null) {
@@ -51,10 +65,26 @@ public class ScopedAttributeELResolver e
result = page.findAttribute(key);
if (result == null) {
+boolean resolveClass = true;
+// Performance short-cut available when running on Tomcat
+if (AST_IDENTIFIER_KEY != null) {
+// Tomcat will set this key to Boolean.TRUE if the
+// identifier is a stand-alone identifier (i.e.
+// identifier) rather than part of an AstValue (i.e.
+// identifier.something). Imports do not need to be
+// checked if this is a stand-alone identifier
+Boolean value = (Boolean)
context.getContext(AST_IDENTIFIER_KEY);
+if (value != null && value.booleanValue()) {
+resolveClass = false;
+}
+}
// This might be the name of an imported class
ImportHandler importHandler = context.getImportHandler();
if (importHandler != null) {
-Class clazz = importHandler.resolveClass(key);
+Class clazz = null;
+if (resolveClass) {
+clazz = importHandler.resolveClass(key);
+}
if (clazz != null) {
result = new ELClass(clazz);
}
Modified: tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java?rev=1734418&r1=1734417&r2=1734418&view=diff
==
--- tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java (original)
+++ tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java Thu Mar 10
14:22:51 2016
@@ -77,7 +77,27 @@ public final class AstIdentifier extends
// EL Resolvers
ctx.setPropertyResolved(false);
-Object result = ctx.getELResolver().getValue(ctx, null, this.image);
+Object result;
+/* Putting the Boolean into the ELContext is part of a performance
+ * optimisation for ScopedAttributeELResolver. When looking up "foo",
+ * the resolver can't differentiate between ${ foo } and ${ foo.bar }.
+ * This is important because the expensive class lookup only needs to
+ * be performed in the later case. This flag tells the resolver if the
+ * lookup can be skipped.
+ */
+if (parent instanceof AstValue) {
+ctx.putContext(this.getClass(), Boolean.FALSE);
+} else {
+ctx.putContext(this.getClass(), Boolean.TRUE);
+}
+try {
+result = ctx.getELResolver().getValue(ctx, null, this.image);
+} finally {
+// Always reset the flag to false so the optimisation is not
applied
+// inappropriately
+ctx.putContext(this.getClass(), Boolean.FALSE);
+}
+
if (ctx.isPropertyResolved()) {
return result;
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tom
svn commit: r1734419 - in /tomcat/tc8.0.x/trunk: ./ java/javax/servlet/jsp/el/ScopedAttributeELResolver.java java/org/apache/el/parser/AstIdentifier.java webapps/docs/changelog.xml
Author: markt Date: Thu Mar 10 14:27:37 2016 New Revision: 1734419 URL: http://svn.apache.org/viewvc?rev=1734419&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57583 Improve long standing performance issue with EL and undefined attributes. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java tomcat/tc8.0.x/trunk/java/org/apache/el/parser/AstIdentifier.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Mar 10 14:27:37 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054
[Bug 57583] Performance issue evaluating EL in custom tags (tagx) due to inefficient calls to java.lang.Class.forName()
https://bz.apache.org/bugzilla/show_bug.cgi?id=57583 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|REOPENED|RESOLVED --- Comment #7 from Mark Thomas --- I've implemented an improvement for 9.0.x (9.0.0.M4 onwards) and 8.0.x (8.0.33 onwards). The improvement only works when Tomcat's JSP API implementation is used in conjunction with Tomcat's EL implementation. In my local testing the time for a single request with a single attribute lookup was reduced from ~1ms to ~0.1ms. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59122] Browser send back to tomcat "likely valid" JSESSIONID but tomcat recreate session and response to browser a renewed JESSIONID
https://bz.apache.org/bugzilla/show_bug.cgi?id=59122 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |INVALID --- Comment #3 from Mark Thomas --- See comment #1. The users list is the place for this discussion. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59161] New: Fixes for quality defects
https://bz.apache.org/bugzilla/show_bug.cgi?id=59161 Bug ID: 59161 Summary: Fixes for quality defects Product: Tomcat 9 Version: unspecified Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: Jasper Assignee: dev@tomcat.apache.org Reporter: sean.b...@synopsys.com Created attachment 33655 --> https://bz.apache.org/bugzilla/attachment.cgi?id=33655&action=edit Fixes for quality defects With the use of Coverity Static Analysis technologies, some quality defects were identified such as potential null pointer dereferences and resource leaks. The attached patch provides fixes to these issues. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59161] Fixes for quality defects
https://bz.apache.org/bugzilla/show_bug.cgi?id=59161 Sean Boyd changed: What|Removed |Added CC||sean.b...@synopsys.com -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1734418 - in /tomcat/trunk: java/javax/servlet/jsp/el/ScopedAttributeELResolver.java java/org/apache/el/parser/AstIdentifier.java webapps/docs/changelog.xml
2016-03-10 17:22 GMT+03:00 :
> Author: markt
> Date: Thu Mar 10 14:22:51 2016
> New Revision: 1734418
>
> URL: http://svn.apache.org/viewvc?rev=1734418&view=rev
> Log:
> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57583
> Improve long standing performance issue with EL and undefined attributes.
>
> Modified:
> tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
> tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
> tomcat/trunk/webapps/docs/changelog.xml
>
> Modified:
> tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java?rev=1734418&r1=1734417&r2=1734418&view=diff
> ==
> --- tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java
> (original)
> +++ tomcat/trunk/java/javax/servlet/jsp/el/ScopedAttributeELResolver.java Thu
> Mar 10 14:22:51 2016
> @@ -35,6 +35,20 @@ import javax.servlet.jsp.PageContext;
> */
> public class ScopedAttributeELResolver extends ELResolver {
>
> +// Indicates if a performance short-cut is available
> +private static final Class AST_IDENTIFIER_KEY;
> +
> +static {
> +Class key = null;
> +try {
> +key = Class.forName("org.apache.el.parser.AstIdentifier");
> +} catch (Exception e) {
> +// Ignore: Expected if not running on Tomcat. Not a problem since
> +// this just allows a short-cut.
> +}
> +AST_IDENTIFIER_KEY = key;
> +}
> +
> @Override
> public Object getValue(ELContext context, Object base, Object property) {
> if (context == null) {
> @@ -51,10 +65,26 @@ public class ScopedAttributeELResolver e
> result = page.findAttribute(key);
>
> if (result == null) {
> +boolean resolveClass = true;
> +// Performance short-cut available when running on Tomcat
> +if (AST_IDENTIFIER_KEY != null) {
> +// Tomcat will set this key to Boolean.TRUE if the
> +// identifier is a stand-alone identifier (i.e.
> +// identifier) rather than part of an AstValue (i.e.
> +// identifier.something). Imports do not need to be
> +// checked if this is a stand-alone identifier
> +Boolean value = (Boolean)
> context.getContext(AST_IDENTIFIER_KEY);
> +if (value != null && value.booleanValue()) {
> +resolveClass = false;
> +}
> +}
> // This might be the name of an imported class
> ImportHandler importHandler = context.getImportHandler();
> if (importHandler != null) {
> -Class clazz = importHandler.resolveClass(key);
> +Class clazz = null;
> +if (resolveClass) {
> +clazz = importHandler.resolveClass(key);
> +}
> if (clazz != null) {
> result = new ELClass(clazz);
> }
>
> Modified: tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
> URL:
> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java?rev=1734418&r1=1734417&r2=1734418&view=diff
> ==
> --- tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java (original)
> +++ tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java Thu Mar 10
> 14:22:51 2016
> @@ -77,7 +77,27 @@ public final class AstIdentifier extends
>
> // EL Resolvers
> ctx.setPropertyResolved(false);
> -Object result = ctx.getELResolver().getValue(ctx, null, this.image);
> +Object result;
> +/* Putting the Boolean into the ELContext is part of a performance
> + * optimisation for ScopedAttributeELResolver. When looking up "foo",
> + * the resolver can't differentiate between ${ foo } and ${ foo.bar
> }.
> + * This is important because the expensive class lookup only needs to
> + * be performed in the later case. This flag tells the resolver if
> the
> + * lookup can be skipped.
> + */
> +if (parent instanceof AstValue) {
> +ctx.putContext(this.getClass(), Boolean.FALSE);
> +} else {
> +ctx.putContext(this.getClass(), Boolean.TRUE);
> +}
Honestly, I do not understand the above if/else block.
I do not see how the difference of "${ foo } vs ${ foo.bar }" maps
into "(parent instanceof AstValue)" check.
What is the meaning of "parent" in Ast?
What possible values can it have?
D
svn commit: r1734420 - in /tomcat/trunk: java/org/apache/catalina/authenticator/SingleSignOn.java webapps/docs/changelog.xml
Author: markt
Date: Thu Mar 10 15:10:56 2016
New Revision: 1734420
URL: http://svn.apache.org/viewvc?rev=1734420&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59145
Don't log an invalid warning when a user logs out of a session associated with
SSO.
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java?rev=1734420&r1=1734419&r2=1734420&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java Thu
Mar 10 15:10:56 2016
@@ -329,7 +329,16 @@ public class SingleSignOn extends ValveB
containerLog.debug(sm.getString("singleSignOn.debug.sessionLogout",
ssoId, session));
}
-deregister(ssoId);
+// First remove the session that we know has expired / been logged
+// out since it has already been removed from its Manager and, if
+// we don't remove it first, deregister() will log a warning that
it
+// can't be found
+removeSession(ssoId, session);
+// If the SSO session was only associated with one web app the call
+// above will have removed the SSO session from the cache
+if (cache.containsKey(ssoId)) {
+deregister(ssoId);
+}
}
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734420&r1=1734419&r2=1734420&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Mar 10 15:10:56 2016
@@ -176,6 +176,10 @@
Patch provided by Mikko Tiihonen. (markt)
+59145: Don't log an invalid warning when a user logs out of
+a session associated with SSO. (markt)
+
+
59151: Fix a regression in the fix for 56917 that
added additional (and arguably unnecessary) validation to the provided
redirect location. (markt)
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734421 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/authenticator/SingleSignOn.java webapps/docs/changelog.xml
Author: markt Date: Thu Mar 10 15:11:32 2016 New Revision: 1734421 URL: http://svn.apache.org/viewvc?rev=1734421&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59145 Don't log an invalid warning when a user logs out of a session associated with SSO. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Mar 10 15:11:32 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,16
svn commit: r1734422 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/authenticator/SingleSignOn.java webapps/docs/changelog.xml
Author: markt Date: Thu Mar 10 15:12:09 2016 New Revision: 1734422 URL: http://svn.apache.org/viewvc?rev=1734422&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59145 Don't log an invalid warning when a user logs out of a session associated with SSO. Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/catalina/authenticator/SingleSignOn.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Mar 10 15:12:09 2016 @@ -1,2 +1,2 @@ -/tomcat/tc8.0.x/trunk:1636525,1637336,1637685,1637709,1638726,1640089,1640276,1640349,1640363,1640366,1640642,1640672,1640674,1640689,1640884,1641001,1641065,1641067,1641375,1641638,1641723,1641726,1641729-1641730,1641736,1641988,1642669-1642670,1642698,1642701,1643205,1643215,1643217,1643230,1643232,1643273,1643285,1643329-1643330,1643511,1643513,1643521,1643539,1643571,1643581-1643582,1643635,1643655,1643738,1643964,1644018,1644333,1644954,1644992,1645014,1645360,1645456,1645627,1645642,1645686,1645903-1645904,1645908-1645909,1645913,1645920,1646458,1646460-1646462,1646735,1646738-1646741,1646744,1646746,1646748-1646755,1646757,1646759-1646760,1647043,1648816,1651420-1651422,1651844,1652926,1652939-1652940,1652973,1653798,1653817,1653841,1654042,1654161,1654736,1654767,1654787,1656592,1659907,1662986,1663265,1663278,1663325,1663535,1663567,1663679,1663997,1664175,1664321,1664872,1665061,1665086,1666027,1666395,1666503,1666506,1666560,1666570,1666581,1666759,1666967,1666988,1667553 -1667555,1667558,1667617,1667633,1667637,1667747,1667767,1667873,1668028,1668137,1668634,1669432,1669801,1669840,1669895-1669896,1670398,1670435,1670592,1670605-1670607,1670609,1670632,1670720,1670725,1670727,1670731,1671114,1672273,1672285,1673759,1674220,1674295,1675469,1675488,1675595,1675831,1676232,1676367-1676369,1676382,1676394,1676483,1676556,1676635,1678178,1679536,1679988,1680256,1681124,1681182,1681730,1681840,1681864,1681869,1682010,1682034,1682047,1682052-1682053,1682062,1682064,1682070,1682312,1682325,1682331,1682386,1684367,1684385,1685759,1685774,1685827,1685892,1687341,1688904,1689358,1689657,1689921,1692850,1693093,1693108,1693324,1694060,1694115,1694291,1694427,1694431,1694503,1694549,1694789,1694873,1694881,1695356,1695372,1695823-1695825,1696200,1696281,1696379,1696468,1700608,1700871,1700897,1700978,1701094,1701124,1701608,1701668,1701676,1701766,1701944,1702248,1702252,1702314,1702390,1702723,1702725,1702728,1702730,1702733,1702735,1702737,1702739,1702742,1702 744,1702748,1702751,1702754,1702758,1702760,1702763,1702766,1708779,1708782,1708806,1709314,1709670,1710347,1710442,1710448,1710490,1710574,1710578,1712226,1712229,1712235,1712255,1712618,1712649,1712655,1712860,1712899,1712903,1712906,1712913,1712926,1712975,1713185,1713262,1713287,1713613,1713621,1713872,1713976,1713994,1713998,1714004,1714013,1714059,1714538,1714580,1715189,1715207,1715544,1715549,1715637,1715639-1715645,1715667,1715683,1715978,1715981,1716216-1716217,1716355,1716414,1716421,1717208-1717209,1717257,1717283,1717288,1717291,1717421,1717517,1717529,1718797,1718840-1718843,1719348,1719357-1719358,1719400,1719491,1719737,1720235,1720396,1720442,1720446,1720450,1720463,1720658-1720660,1720756,1720816,1721813,1721818,1721831,1721861,1721867,1721882,1722523,1722527,1722800,1722926,1722941,1722997,1723130,1723440,1723488,1723890,1724434,1724674,1724792,1724803,1724902,1725128,1725131,1725154,1725167,1725911,1725921,1725929,1725963-1725965,1725970,1725974,1726171-1726173,1 726175,1726179-1726182,1726190-1726191,1726195-1726200,1726203,1726226,1726576,1726630,1726992,1727029,1727037,1727671,1727676,1727900,1728028,1728092,1728439,1728449,1729186,1729362,1731009,1731303,1731867,1731872,1731874,1731876,1731885,1731947,1731955,1731959,1731977,1731984,1732360,1732490,1732672,1732902,1733166,1733603,1733619,1733735,1733752,1733764,1733915,1733941,1733964,1734115,1734133,1734261 -/tomcat/trunk:1156115-1157160,1157162-1157859,1157862-1157942,1157945-1160347,1160349-1163716,1163718-1166689,1166691-1174340,1174342-1175596,1175598-1175611,1175613-1175932,1175934-1177783,1177785-1177980,1178006-1180720,1180722-1183094,1183096-1187753,1187755,1187775,1187801,1187806,1187809,1187826-1188312,1188314-1188401,1188646-1188840,1188842-1190176,1190178-1195223,1195225-1195953,1195955,1195957-1201238,1201240-1203345,1203347-1206623,1206625-1208046,1208073,1208096,1208114,1208145,1208772,1209194-1212125,1212127-1220291,1220293,1220295-1221321,1221323-1222329,1222332-1222401,1222405-1222795,1222850-1222950,1222969-1225326,1225328-1225463,1225465,1225627,1225629-1226534,1226536-1228908,1228911-1228923,1228927-1229532,1229534-1230766,1230768-1231625,1231627-1233414,1233419-1235207,1235209-1237425,1237427,1237429-1237977,1237981,1237985,1237995,1238070,1238073,1239024-1239048,1239050-1239062,1239135,1239256,12
[Bug 59145] Incorrect warning logging on invalidate session when using SingleSignOn valve
https://bz.apache.org/bugzilla/show_bug.cgi?id=59145 Mark Thomas changed: What|Removed |Added Status|REOPENED|RESOLVED Resolution|--- |FIXED --- Comment #3 from Mark Thomas --- Thanks for the report and checking whether this was still an issue. Fixed in 9.0.x (for 9.0.0.M4 onwards), 8.0.x (8.0.33 onwards) and 7.0.x (7.0.69 onwards). -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59161] Fixes for quality defects
https://bz.apache.org/bugzilla/show_bug.cgi?id=59161 Mark Thomas changed: What|Removed |Added Severity|normal |enhancement --- Comment #1 from Mark Thomas --- Coverity Static Analysis has a bad habit of generating a high proportion of false positive results. You'll need to demonstrate that each of these issues is valid - ideally with a test case - before any fixes are considered. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc7.0.x-test-bio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-bio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-bio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-BIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-BIO/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-bio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-bio (Type: Build) Work ended in a state of : Failed Elapsed: 41 mins 47 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-BIO -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160310.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexe cute.test.bio=true -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160310-native-src.tar.gz -Dtest.reports=output/logs-BIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160310-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dexecute.test.nio=false -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20160310.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomca
Re: svn commit: r1734418 - in /tomcat/trunk: java/javax/servlet/jsp/el/ScopedAttributeELResolver.java java/org/apache/el/parser/AstIdentifier.java webapps/docs/changelog.xml
On 10/03/2016 15:02, Konstantin Kolinko wrote:
> 2016-03-10 17:22 GMT+03:00 :
>> Author: markt
>> Date: Thu Mar 10 14:22:51 2016
>> New Revision: 1734418
>>
>> URL: http://svn.apache.org/viewvc?rev=1734418&view=rev
>> Log:
>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57583
>> Improve long standing performance issue with EL and undefined attributes.
>> Modified: tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
>> URL:
>> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java?rev=1734418&r1=1734417&r2=1734418&view=diff
>> ==
>> --- tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java (original)
>> +++ tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java Thu Mar 10
>> 14:22:51 2016
>> @@ -77,7 +77,27 @@ public final class AstIdentifier extends
>>
>> // EL Resolvers
>> ctx.setPropertyResolved(false);
>> -Object result = ctx.getELResolver().getValue(ctx, null, this.image);
>> +Object result;
>> +/* Putting the Boolean into the ELContext is part of a performance
>> + * optimisation for ScopedAttributeELResolver. When looking up
>> "foo",
>> + * the resolver can't differentiate between ${ foo } and ${ foo.bar
>> }.
>> + * This is important because the expensive class lookup only needs
>> to
>> + * be performed in the later case. This flag tells the resolver if
>> the
>> + * lookup can be skipped.
>> + */
>> +if (parent instanceof AstValue) {
>> +ctx.putContext(this.getClass(), Boolean.FALSE);
>> +} else {
>> +ctx.putContext(this.getClass(), Boolean.TRUE);
>> +}
>
> Honestly, I do not understand the above if/else block.
>
> I do not see how the difference of "${ foo } vs ${ foo.bar }" maps
> into "(parent instanceof AstValue)" check.
>
> What is the meaning of "parent" in Ast?
It is the parent node of this node in the parse tree.
> What possible values can it have?
In theory, an instance of anything that extends SimpleNode. In practice,
we are only interested in instances of AstValue since that is the type
we will see when we need to check if the identifier represents a class
and do the expensive class lookup.
> Does this handle method calls, such as ${System.currentTimeMillis()} ?
Yes.
>> +try {
>> +result = ctx.getELResolver().getValue(ctx, null, this.image);
>> +} finally {
>> +// Always reset the flag to false so the optimisation is not
>> applied
>> +// inappropriately
>> +ctx.putContext(this.getClass(), Boolean.FALSE);
>> +}
>> +
>> if (ctx.isPropertyResolved()) {
>> return result;
>> }
>
> Below these lines the AstIdentifier does its own
> ImportHandler.resolveClass(), resolveStatic() calls.
>
> This duplicates the work performed by ScopedAttributeELResolver and I
> wonder whether it is necessary.
Yes it is necessary.
ScopedAttributeELResolver is defined to always resolve the property (so
it has to do these lookups itself) but most resolvers don't.
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GUMP@vmgump]: Project tomcat-tc7.0.x-test-nio (in module tomcat-7.0.x) failed
To whom it may engage... This is an automated request, but not an unsolicited one. For more information please visit http://gump.apache.org/nagged.html, and/or contact the folk at gene...@gump.apache.org. Project tomcat-tc7.0.x-test-nio has an issue affecting its community integration. This issue affects 1 projects. The current state of this project is 'Failed', with reason 'Build Failed'. For reference only, the following projects are affected by this: - tomcat-tc7.0.x-test-nio : Tomcat 7.x, a web server implementing Java Servlet 3.0, ... Full details are available at: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-nio/index.html That said, some information snippets are provided here. The following annotations (debug/informational/warning/error messages) were provided: -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp-src.jar. -DEBUG- Dependency on commons-daemon exists, no need to add for property commons-daemon.native.src.tgz. -DEBUG- Dependency on commons-daemon exists, no need to add for property tomcat-native.tar.gz. -DEBUG- Dependency on tomcat-tc7.0.x-dbcp exists, no need to add for property tomcat-dbcp.home. -INFO- Failed with reason build failed -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/logs-NIO -INFO- Project Reports in: /srv/gump/public/workspace/tomcat-7.0.x/output/test-tmp-NIO/logs The following work was performed: http://vmgump.apache.org/gump/public/tomcat-7.0.x/tomcat-tc7.0.x-test-nio/gump_work/build_tomcat-7.0.x_tomcat-tc7.0.x-test-nio.html Work Name: build_tomcat-7.0.x_tomcat-tc7.0.x-test-nio (Type: Build) Work ended in a state of : Failed Elapsed: 43 mins 42 secs Command Line: /usr/lib/jvm/java-8-oracle/bin/java -Djava.awt.headless=true -Dbuild.sysclasspath=only org.apache.tools.ant.Main -Dgump.merge=/srv/gump/public/gump/work/merge.xml -Dbase.path=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-build-libs -Dcommons-pool.home=/srv/gump/public/workspace/commons-pool-1.x -Dtest.temp=output/test-tmp-NIO -Djunit.jar=/srv/gump/public/workspace/junit/target/junit-4.13-SNAPSHOT.jar -Dobjenesis.jar=/srv/gump/public/workspace/objenesis/main/target/objenesis-2.3-SNAPSHOT.jar -Dexamples.sources.skip=true -Dcommons-daemon.jar=/srv/gump/public/workspace/apache-commons/daemon/dist/commons-daemon-20160310.jar -Dtomcat-dbcp-src.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-src.jar -Dtomcat-dbcp.home=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps -Dtest.excludePerformance=true -Dhamcrest.jar=/srv/gump/packages/hamcrest/hamcrest-core-1.3.jar -Dcommons-dbcp.home=/srv/gump/public/workspace/commons-dbcp-1.x -Dexecute.test.apr=false -Dexe cute.test.bio=false -Dcommons-daemon.native.src.tgz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160310-native-src.tar.gz -Dtest.reports=output/logs-NIO -Dtomcat-native.tar.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20160310-native-src.tar.gz -Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar -Dexecute.test.nio=true -Dtest.accesslog=true -Dtomcat-dbcp.jar=/srv/gump/public/workspace/tomcat-7.0.x/tomcat-deps/tomcat-dbcp-20160310.jar -Deasymock.jar=/srv/gump/public/workspace/easymock/core/target/easymock-3.5-SNAPSHOT.jar -Dcglib.jar=/srv/gump/packages/cglib/cglib-nodep-2.2.jar test [Working Directory: /srv/gump/public/workspace/tomcat-7.0.x] CLASSPATH: /usr/lib/jvm/java-8-oracle/lib/tools.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/webapps/examples/WEB-INF/classes:/srv/gump/public/workspace/tomcat-7.0.x/output/testclasses:/srv/gump/public/workspace/ant/dist/lib/ant.jar:/srv/gump/public/workspace/ant/dist/lib/ant-launcher.jar:/srv/gump/public/workspace/ant/dist/lib/ant-jmf.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit.jar:/srv/gump/public/workspace/ant/dist/lib/ant-junit4.jar:/srv/gump/public/workspace/ant/dist/lib/ant-swing.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-resolver.jar:/srv/gump/public/workspace/ant/dist/lib/ant-apache-xalan2.jar:/srv/gump/public/workspace/xml-commons/java/build/resolver.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/bootstrap.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/bin/tomcat-juli.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/annotations-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/servlet-api.ja r:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jsp-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/el-api.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/catalina-ant.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/tomcat-coyote.jar:/srv/gump/public/workspace/tomcat-7.0.x/output/build/lib/jasper.jar:/srv/gump/public/workspace/tomca
[Bug 59122] Browser send back to tomcat "likely valid" JSESSIONID but tomcat recreate session and response to browser a renewed JESSIONID
https://bz.apache.org/bugzilla/show_bug.cgi?id=59122 --- Comment #4 from lanarima...@gmail.com --- Ok. Sorry -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734454 - /tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
Author: markt
Date: Thu Mar 10 20:43:06 2016
New Revision: 1734454
URL: http://svn.apache.org/viewvc?rev=1734454&view=rev
Log:
Clean-up. No functional change.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
Modified: tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java?rev=1734454&r1=1734453&r2=1734454&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java Thu
Mar 10 20:43:06 2016
@@ -37,7 +37,6 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.digester.Digester;
-
/**
* Implementation of the JAAS LoginModule interface,
* primarily for use in testing JAASRealm. It utilizes an
@@ -46,11 +45,10 @@ import org.apache.tomcat.util.digester.D
* (except that digested passwords are not supported).
*
* This class recognizes the following string-valued options, which are
- * specified in the configuration file (and passed to our constructor in
- * the options argument:
+ * specified in the configuration file and passed to {@link
+ * #initialize(Subject, CallbackHandler, Map, Map)} in the options
+ * argument:
*
- * debug - Set to "true" to get debugging messages
- * generated to System.out. The default value is false.
* pathname - Relative (to the pathname specified by the
* "catalina.base" system property) or absolute pathname to the
* XML file containing our user information, in the format supported by
@@ -120,7 +118,9 @@ public class JAASMemoryLoginModule exten
// - Public Methods
public JAASMemoryLoginModule() {
-log.debug("MEMORY LOGIN MODULE");
+if (log.isDebugEnabled()) {
+log.debug("MEMORY LOGIN MODULE");
+}
}
/**
@@ -138,19 +138,21 @@ public class JAASMemoryLoginModule exten
public boolean abort() throws LoginException {
// If our authentication was not successful, just return false
-if (principal == null)
+if (principal == null) {
return false;
+}
// Clean up if overall authentication failed
-if (committed)
+if (committed) {
logout();
-else {
+} else {
committed = false;
principal = null;
}
-log.debug("Abort");
+if (log.isDebugEnabled()) {
+log.debug("Abort");
+}
return true;
-
}
@@ -167,11 +169,14 @@ public class JAASMemoryLoginModule exten
*/
@Override
public boolean commit() throws LoginException {
-log.debug("commit " + principal);
+if (log.isDebugEnabled()) {
+log.debug("commit " + principal);
+}
// If authentication was not successful, just return false
-if (principal == null)
+if (principal == null) {
return false;
+}
// Add our Principal to the Subject if needed
if (!subject.getPrincipals().contains(principal)) {
@@ -181,8 +186,7 @@ public class JAASMemoryLoginModule exten
if (principal instanceof GenericPrincipal) {
String roles[] = ((GenericPrincipal) principal).getRoles();
for (int i = 0; i < roles.length; i++) {
-subject.getPrincipals().add(
-new GenericPrincipal(roles[i], null, null));
+subject.getPrincipals().add(new GenericPrincipal(roles[i],
null, null));
}
}
@@ -190,7 +194,6 @@ public class JAASMemoryLoginModule exten
committed = true;
return true;
-
}
@@ -209,7 +212,9 @@ public class JAASMemoryLoginModule exten
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
-log.debug("Init");
+if (log.isDebugEnabled()) {
+log.debug("Init");
+}
// Save configuration values
this.subject = subject;
@@ -218,12 +223,12 @@ public class JAASMemoryLoginModule exten
this.options = options;
// Perform instance-specific initialization
-if (options.get("pathname") != null)
+if (options.get("pathname") != null) {
this.pathname = (String) options.get("pathname");
+}
// Load our defined Principals
load();
-
}
@@ -238,7 +243,6 @@ public class JAASMemoryLoginModule exten
*/
@Override
public boolean login() throws LoginException {
-
// Set up our CallbackHandler requests
if (callbackHandler == n
Re: svn commit: r1734418 - in /tomcat/trunk: java/javax/servlet/jsp/el/ScopedAttributeELResolver.java java/org/apache/el/parser/AstIdentifier.java webapps/docs/changelog.xml
2016-03-10 19:45 GMT+03:00 Mark Thomas :
> On 10/03/2016 15:02, Konstantin Kolinko wrote:
>> 2016-03-10 17:22 GMT+03:00 :
>>> Author: markt
>>> Date: Thu Mar 10 14:22:51 2016
>>> New Revision: 1734418
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1734418&view=rev
>>> Log:
>>> Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=57583
>>> Improve long standing performance issue with EL and undefined attributes.
>
>
>
>>> Modified: tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java
>>> URL:
>>> http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java?rev=1734418&r1=1734417&r2=1734418&view=diff
>>> ==
>>> --- tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java (original)
>>> +++ tomcat/trunk/java/org/apache/el/parser/AstIdentifier.java Thu Mar 10
>>> 14:22:51 2016
>>> @@ -77,7 +77,27 @@ public final class AstIdentifier extends
>>>
>>> // EL Resolvers
>>> ctx.setPropertyResolved(false);
>>> -Object result = ctx.getELResolver().getValue(ctx, null,
>>> this.image);
>>> +Object result;
>>> +/* Putting the Boolean into the ELContext is part of a performance
>>> + * optimisation for ScopedAttributeELResolver. When looking up
>>> "foo",
>>> + * the resolver can't differentiate between ${ foo } and ${
>>> foo.bar }.
>>> + * This is important because the expensive class lookup only needs
>>> to
>>> + * be performed in the later case. This flag tells the resolver if
>>> the
>>> + * lookup can be skipped.
>>> + */
>>> +if (parent instanceof AstValue) {
>>> +ctx.putContext(this.getClass(), Boolean.FALSE);
>>> +} else {
>>> +ctx.putContext(this.getClass(), Boolean.TRUE);
>>> +}
>>
>> Honestly, I do not understand the above if/else block.
>>
>> I do not see how the difference of "${ foo } vs ${ foo.bar }" maps
>> into "(parent instanceof AstValue)" check.
>>
>> What is the meaning of "parent" in Ast?
>
> It is the parent node of this node in the parse tree.
>
>> What possible values can it have?
>
> In theory, an instance of anything that extends SimpleNode. In practice,
> we are only interested in instances of AstValue since that is the type
> we will see when we need to check if the identifier represents a class
> and do the expensive class lookup.
>
>> Does this handle method calls, such as ${System.currentTimeMillis()} ?
>
> Yes.
OK. Understood. Reading the JJTree [1] and JavaCC docs was worth it.
[1] https://javacc.java.net/doc/JJTree.html
Summarizing the important bits.
The grammar - ELParser.jjt - says:
void Value() : {}
{
(ValuePrefix() (ValueSuffix())*) #Value(>1)
}
void ValuePrefix() : {}
{
Literal()
| NonLiteral()
}
void NonLiteral() : {}
{
LOOKAHEAD(5) LambdaExpressionOrInvocation()
| Expression()
| LOOKAHEAD(( )? ) Function()
| Identifier()
| LOOKAHEAD(3)SetData()
| ListData()
| MapData()
}
void Identifier() #Identifier : { Token t = null; }
{
t= { jjtThis.setImage(t.image); }
}
The following is important:
1. Each rule (aka non-terminal production) generates a same-named
method in ELParser.java class.
2. Each #Foo token produces code that creates an instance of AstFoo
node class. If there is no #Foo token, no node is generated.
This "no node is generated" is thanks to "NODE_DEFAULT_VOID=true;"
option specified at top of the grammar file.
It means that ValuePrefix() and NonLiteral() do not generate any Ast*
classes and AstIdentifier (generated by Identifier()) will be directly
nested into AstValue (generated by Value()).
BTW, ValueSuffix() generates either a AstDotSuffix or a
AstBracketSuffix node. It cannot generate an AstIdentifier.
4. The "#Value(>1)" token in Value() rule is a "ConditionalNode" (as
documented in [1]) and generates the node only if there is more than
one child.
It means that an AstValue node always has at least two children. It
means if there is only one token ("${foo}"), an AstValue node is not
generated, an AstIdentifier falls through.
Thus it is indeed the case of "foo" in ${foo.bar}, not a "bar" and not
a single ${foo}.
>>> +try {
>>> +result = ctx.getELResolver().getValue(ctx, null, this.image);
>>> +} finally {
>>> +// Always reset the flag to false so the optimisation is not
>>> applied
>>> +// inappropriately
>>> +ctx.putContext(this.getClass(), Boolean.FALSE);
>>> +}
>>> +
>>> if (ctx.isPropertyResolved()) {
>>> return result;
>>> }
>>
>> Below these lines the AstIdentifier does its own
>> ImportHandler.resolveClass(), resolveStatic() calls.
>>
>> This duplicates the work performed by ScopedAttributeELResolver and I
>> wonder whether it is necessary.
>
> Yes it is necessary.
>
> ScopedAttributeELResolver is defined to always resolve the property (so
> it
svn commit: r1734464 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Thu Mar 10 21:53:47 2016 New Revision: 1734464 URL: http://svn.apache.org/viewvc?rev=1734464&view=rev Log: Fix order Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734464&r1=1734463&r2=1734464&view=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Thu Mar 10 21:53:47 2016 @@ -180,14 +180,14 @@ a session associated with SSO. (markt) +59150: Add an additional flag on APR listener to allow +disabling automatic use of OpenSSL. (remm) + + 59151: Fix a regression in the fix for 56917 that added additional (and arguably unnecessary) validation to the provided redirect location. (markt) - -59150: Add an additional flag on APR listener to allow -disabling automatic use of OpenSSL. (remm) - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734466 - in /tomcat/trunk: java/org/apache/catalina/realm/JAASMemoryLoginModule.java webapps/docs/changelog.xml
Author: markt
Date: Thu Mar 10 22:01:18 2016
New Revision: 1734466
URL: http://svn.apache.org/viewvc?rev=1734466&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59154
Fix a NullPointerException in the JASSMemoryLoginModue resulting from the
introduction of the CredentialHandler to Realms
Modified:
tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java?rev=1734466&r1=1734465&r2=1734466&view=diff
==
--- tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java Thu
Mar 10 22:01:18 2016
@@ -18,6 +18,7 @@ package org.apache.catalina.realm;
import java.io.File;
import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Map;
@@ -41,8 +42,7 @@ import org.apache.tomcat.util.digester.D
* Implementation of the JAAS LoginModule interface,
* primarily for use in testing JAASRealm. It utilizes an
* XML-format data file of username/password/role information identical to
- * that supported by org.apache.catalina.realm.MemoryRealm
- * (except that digested passwords are not supported).
+ * that supported by org.apache.catalina.realm.MemoryRealm.
*
* This class recognizes the following string-valued options, which are
* specified in the configuration file and passed to {@link
@@ -54,6 +54,14 @@ import org.apache.tomcat.util.digester.D
* XML file containing our user information, in the format supported by
* {@link MemoryRealm}. The default value matches the MemoryRealm
* default.
+ * digest - Digest used to protect credentials in the XML
+ * file. If not specified, the passwords will be assumed to be in clear
+ * text.
+ * iterations - The number of iterations of the associated
+ * algorithm that will be used when creating a new stored credential for a
+ * given input credential.
+ * saltLength - The salt length that will be used when
+ * creating a new stored credential for a given input credential.
*
*
* IMPLEMENTATION NOTE - This class implements
@@ -223,9 +231,24 @@ public class JAASMemoryLoginModule exten
this.options = options;
// Perform instance-specific initialization
+MessageDigestCredentialHandler credentialHandler = new
MessageDigestCredentialHandler();
+setCredentialHandler(credentialHandler);
if (options.get("pathname") != null) {
this.pathname = (String) options.get("pathname");
}
+if (options.get("digest") != null) {
+try {
+credentialHandler.setAlgorithm((String) options.get("digest"));
+} catch (NoSuchAlgorithmException e) {
+log.warn("Invalid digest algorithm for JAASMemoryLoginModule",
e);
+}
+}
+if (options.get("iterations") != null) {
+credentialHandler.setIterations(Integer.parseInt((String)
options.get("iterations")));
+}
+if (options.get("saltLength") != null) {
+credentialHandler.setIterations(Integer.parseInt((String)
options.get("saltLength")));
+}
// Load our defined Principals
load();
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1734466&r1=1734465&r2=1734466&view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Mar 10 22:01:18 2016
@@ -188,6 +188,11 @@
added additional (and arguably unnecessary) validation to the provided
redirect location. (markt)
+
+59154: Fix a NullPointerException in the
+JASSMemoryLoginModue resulting from the introduction of
the
+CredentialHandler to Realms. (schultz/markt)
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734467 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/JAASMemoryLoginModule.java
Author: markt Date: Thu Mar 10 22:02:45 2016 New Revision: 1734467 URL: http://svn.apache.org/viewvc?rev=1734467&view=rev Log: Clean-up. No functional change. Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Mar 10 22:02:45 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,1691134,1691487,1691813,1692744-1692747,1692849,1692894,1692896,1693088,1693105,1693429,1693461,1694058,1694111,1694290,1694501,1694548,1694658,1694660,1694788,1694872,1694878,1695006,1695354,1695371,169
svn commit: r1734468 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/JAASMemoryLoginModule.java webapps/docs/changelog.xml
Author: markt Date: Thu Mar 10 22:03:44 2016 New Revision: 1734468 URL: http://svn.apache.org/viewvc?rev=1734468&view=rev Log: Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59154 Fix a NullPointerException in the JASSMemoryLoginModue resulting from the introduction of the CredentialHandler to Realms Modified: tomcat/tc8.0.x/trunk/ (props changed) tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.0.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Mar 10 22:03:44 2016 @@ -1 +1 @@ -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,1644886 ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,1657 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386-1 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-168452 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,1689357,1689656,1689675-1689677,1689679,1689687,1689825,1689856,1689918,1690011,1690021,1690054,1690080,1690209,169
[Bug 59154] JAASMemoryLoginModule: NullPointerException in MemoryRealm after upgrading to Tomcat 8.0.32 from 7.0.26
https://bz.apache.org/bugzilla/show_bug.cgi?id=59154 Mark Thomas changed: What|Removed |Added OS||All Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- Fixed in trunk for 9.0.0.M4 onwards and 8.0.x for 8.0.33 onwards. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1734468 - in /tomcat/tc8.0.x/trunk: ./ java/org/apache/catalina/realm/JAASMemoryLoginModule.java webapps/docs/changelog.xml
Mark, On 3/10/16 5:03 PM, ma...@apache.org wrote: > Author: markt > Date: Thu Mar 10 22:03:44 2016 > New Revision: 1734468 > > URL: http://svn.apache.org/viewvc?rev=1734468&view=rev > Log: > Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=59154 > Fix a NullPointerException in the JASSMemoryLoginModue resulting from the > introduction of the CredentialHandler to Realms > > Modified: > tomcat/tc8.0.x/trunk/ (props changed) > > tomcat/tc8.0.x/trunk/java/org/apache/catalina/realm/JAASMemoryLoginModule.java > tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml > > Propchange: tomcat/tc8.0.x/trunk/ > -- > --- svn:mergeinfo (original) > +++ svn:mergeinfo Thu Mar 10 22:03:44 2016 > @@ -1 +1 @@ > -/tomcat/trunk:1636524,1637156,1637176,1637188,1637331,1637684,1637695,1637890,1637892,1638720-1638725,1639653,1640010,1640083-1640084,1640088,1640275,1640322,1640347,1640361,1640365,1640403,1640410,1640652,1640655-1640658,1640688,1640700-1640883,1640903,1640976,1640978,1641000,1641026,1641038-1641039,1641051-1641052,1641058,1641064,1641300,1641369,1641374,1641380,1641486,1641634,1641656-1641692,1641704,1641707-1641718,1641720-1641722,1641735,1641981,1642233,1642280,1642554,1642564,1642595,1642606,1642668,1642679,1642697,1642699,1642766,1643002,1643045,1643054-1643055,1643066,1643121,1643128,1643206,1643209-1643210,1643216,1643249,1643270,1643283,1643309-1643310,1643323,1643365-1643366,1643370-1643371,1643465,1643474,1643536,1643570,1643634,1643649,1643651,1643654,1643675,1643731,1643733-1643734,1643761,1643766,1643814,1643937,1643963,1644017,1644169,1644201-1644203,1644321,1644323,1644516,1644523,1644529,1644535,1644730,1644768,1644784-1644785,1644790,1644793,1644815,1644884,164488 6 > > ,1644890,1644892,1644910,1644924,1644929-1644930,1644935,1644989,1645011,1645247,1645355,1645357-1645358,1645455,1645465,1645469,1645471,1645473,1645475,1645486-1645488,1645626,1645641,1645685,1645743,1645763,1645951-1645953,1645955,1645993,1646098-1646106,1646178,1646220,1646302,1646304,1646420,1646470-1646471,1646476,1646559,1646717-1646723,1646773,1647026,1647042,1647530,1647655,1648304,1648815,1648907,1649973,1650081,1650365,1651116,1651120,1651280,1651470,1652938,1652970,1653041,1653471,1653550,1653574,1653797,1653815-1653816,1653819,1653840,1653857,1653888,1653972,1654013,1654030,1654050,1654123,1654148,1654159,1654513,1654515,1654517,1654522,1654524,1654725,1654735,1654766,1654785,1654851-1654852,1654978,1655122-1655124,1655126-1655127,1655129-1655130,1655132-1655133,1655312,1655351,1655438,1655441,1655454,168,1656087,1656299,1656319,1656331,1656345,1656350,1656590,1656648-1656650,1656657,1657041,1657054,1657374,1657492,1657510,1657565,1657580,1657584,1657586,1657589,165 7 > > 592,1657607,1657609,1657682,1657907,1658207,1658734,1658781,1658790,1658799,1658802,1658804,1658833,1658840,1658966,1659043,1659053,1659059,1659174,1659184,1659188-1659189,1659216,1659263,1659293,1659304,1659306-1659307,1659382,1659384,1659428,1659471,1659486,1659505,1659516,1659521,1659524,1659559,1659562,1659803,1659806,1659814,1659833,1659862,1659905,1659919,1659948,1659967,1659983-1659984,1660060,1660074,1660077,1660133,1660168,1660331-1660332,1660353,1660358,1660924,1661386,1661770,1661867,1661972,1661990,1662200,1662308-1662309,1662548,1662614,1662696,1662736,1662985,1662988-1662989,1663264,1663277,1663298,1663534,1663562,1663676,1663715,1663754,1663768,1663772,1663781,1663893,1663995,1664143,1664163,1664174,1664301,1664317,1664347,1664657,1664659,1664710,1664863-1664864,1664866,1665085,1665292,1665559,1665653,1665661,1665672,1665694,1665697,1665736,1665779,1665976-1665977,1665980-1665981,1665985-1665986,1665989,1665998,1666004,1666008,1666013,1666017,1666024,1666116,1666386- 1 > > 666387,1666494,1666496,1666552,1666569,1666579,137,149,1666757,1666966,1666972,1666985,1666995,1666997,1667292,1667402,1667406,1667546,1667615,1667630,1667636,1667688,1667764,1667871,1668026,1668135,1668193,1668593,1668596,1668630,1668639,1668843,1669353,1669370,1669451,1669800,1669838,1669876,1669882,1670394,1670433,1670591,1670598-1670600,1670610,1670631,1670719,1670724,1670726,1670730,1670940,1671112,1672272,1672284,1673754,1674294,1675461,1675486,1675594,1675830,1676231,1676250-1676251,1676364,1676381,1676393,1676479,1676525,1676552,1676615,1676630,1676634,1676721,1676926,1676943,1677140,1677802,1678011,1678162,1678174,1678339,1678426-1678427,1678694,1678701,1679534,1679708,1679710,1679716,1680034,1680246,1681056,1681123,1681138,1681280,1681283,1681286,1681450,1681697,1681699,1681701,1681729,1681770,1681779,1681793,1681807,1681837-1681838,1681854,1681862,1681958,1682028,1682033,1682311,1682315,1682317,1682320,1682324,1682330,1682842,1684172,1684366,1684383,1684526-16845 2 > > 7,1684549-1684550,1685556,1685591,1685739,1685744,1685772,1685816,1685826,1685891,1687242,1687261,1687268,1687340,1687551,1688563,1688841,1688878,165,1688896,1688901,1689345-1689346,
[Bug 59163] New: TC Native 1.2.0 & later does not compile with openssl-fips
https://bz.apache.org/bugzilla/show_bug.cgi?id=59163 Bug ID: 59163 Summary: TC Native 1.2.0 & later does not compile with openssl-fips Product: Tomcat Native Version: 1.2.4 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: Library Assignee: dev@tomcat.apache.org Reporter: bkai...@morphotrust.com Compiling against openssl-fips (1.0.2g + fips-2.0.12), tomcat-native 1.2.0 and later fails with undeclared symbol errors, e.g., src/sslcontext.c fails at line 1148 with SSL_TLSEXT_ERR_ALERT_FATAL undeclared, and at line 1210 with SSL_TLSEXT_ERR_OK undeclared. src/sslutils.c fails, e.g., at line 618 with SSL_TLSEXT_ERR_OK undefined. This is apparently because TLSEXT is disabled in openssl in FIPS mode. TC-native does not check HAVE_TLSEXT in the above-referenced source code. Compilation is using gcc 4.8.5 on Linux CentOS 7. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Tomcat Wiki] Update of "FAQ/Logging" by KonstantinKolinko
Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification. The "FAQ/Logging" page has been changed by KonstantinKolinko: https://wiki.apache.org/tomcat/FAQ/Logging?action=diff&rev1=24&rev2=25 Comment: Add reference to BZ 53930 "allow capture of catalina stdout/stderr to a command instead of just a file" 1. If you are using jsvc 1.0.4 or later (from [[http://commons.apache.org/daemon/|Apache Commons Daemon]] project) to launch Tomcat, you can send SIGUSR1 signal to jsvc to get it to re-open its log files ([[https://issues.apache.org/jira/browse/DAEMON-95|Jira Ticket]]). You can couple this with 'logrotate' or your favorite log-rotation utility (including good-old 'mv') to re-name catalina.out at intervals and then get jsvc to re-open the original (catalina.out) file and continue writing to it. 1. Use 'logrotate' with the 'copytruncate' option. This allows you to externally rotate catalina.out without changing anything within Tomcat. - 1. Modify bin/catalina.sh (or bin/catalina.bat) to pipe output from the JVM into a piped-logger such as [[http://www.cronolog.org/|chronolog]] or Apache httpd's [[http://httpd.apache.org/docs/2.2/logs.html#piped|rotatelogs]] (note that the previous reference is for Apache httpd documentation and *is not applicable to Tomcat* -- it merely illustrates the concept). + 1. Modify bin/catalina.sh (or bin/catalina.bat) to pipe output from the JVM into a piped-logger such as [[http://www.cronolog.org/|chronolog]] or Apache httpd's [[http://httpd.apache.org/docs/2.2/logs.html#piped|rotatelogs]] (note that the previous reference is for Apache httpd documentation and *is not applicable to Tomcat* -- it merely illustrates the concept).<>See also the patch in [[https://bz.apache.org/bugzilla/show_bug.cgi?id=53930|Bug 53930, "Allow capture of catalina stdout/stderr to a command instead of just a file"]]. References to mailing list discussions: * [[http://marc.info/?t=10554447261&r=1&w=2a|tomcat-users thread from 2003]] - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 59164] New: If tomcat server can not be resolved, crash occurred.
https://bz.apache.org/bugzilla/show_bug.cgi?id=59164
Bug ID: 59164
Summary: If tomcat server can not be resolved, crash occurred.
Product: Tomcat Connectors
Version: 1.2.41
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_jk
Assignee: dev@tomcat.apache.org
Reporter: shimizuhiroto...@gmail.com
If host names were not resolved , and first access(curl http://localhost/).
After that , crash occurred.
This behavior is 1.2.38 or later.
---configuration
JkMount /* worker1
worker.list=worker1
worker.worker1.type=ajp13
worker.worker1.host=testhost
---
---mod_jk.log
[Tue Feb 23 17:24:08.475 2016] [14936:140647557949504] [error]
ajp_validate::jk_ajp_common.c (2867): worker worker1 can't resolve tomcat
address testhost
[Tue Feb 23 17:24:08.475 2016] [14936:140647557949504] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.41 initialized
[Tue Feb 23 17:24:08.509 2016] [14936:140647557949504] [error]
ajp_validate::jk_ajp_common.c (2867): worker worker1 can't resolve tomcat
address testhost
[Tue Feb 23 17:24:08.510 2016] [14936:140647557949504] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.41 initialized
[Tue Feb 23 17:24:25.218 2016] [14938:140647313106688] [error]
jk_open_socket::jk_connect.c (639): socket() failed (errno=97)
---
---error_log
[Tue Feb 23 17:24:08.511135 2016] [mpm_worker:notice] [pid 14936:tid
140647557949504] AH00292: Apache/2.4.6 (CentOS) mod_jk/1.2.41 configured --
resuming normal operations
[Tue Feb 23 17:24:08.511173 2016] [core:notice] [pid 14936:tid 140647557949504]
AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Tue Feb 23 17:24:26.531681 2016] [core:notice] [pid 14936:tid 140647557949504]
AH00051: child pid 14938 exit signal Segmentation fault (11), possible coredump
in /tmp
---
Hostname were not resolved in apr_sockaddr_info_get() , and JK_FALSE is
returned.
inet_ntop6() caused segmentation fault, because of saddr=null.
---jk_connect.c
:
int jk_resolve(const char *host, int port, jk_sockaddr_t *saddr,
void *pool, int prefer_ipv6, jk_logger_t *l)
{
:
memset(saddr, 0, sizeof(jk_sockaddr_t));
:
if (apr_sockaddr_info_get(&remote_sa, host, APR_UNSPEC,
(apr_port_t)port,
0, jk_apr_pool) != APR_SUCCESS) {
JK_TRACE_EXIT(l);
return JK_FALSE;
}
---
---
# gdb /usr/sbin/httpd core.14938
:
(gdb) bt
#0 inet_ntop6 (src=0x0, dst=dst@entry=0x7feb0122c750 "\030",
size=size@entry=64) at jk_connect.c:1201
#1 0x7feb02289691 in jk_dump_hinfo (saddr=0x7feb1013e258,
buf=buf@entry=0x7feb0122c750 "\030", size=size@entry=64) at jk_connect.c:1293
#2 0x7feb022a7fcb in ajp_connect_to_endpoint (ae=ae@entry=0x7feb1019e1a0,
l=l@entry=0x7feb1016e840) at jk_ajp_common.c:1068
#3 0x7feb022a93ab in ajp_send_request (e=0x7feb101a01f0, op=, ae=0x7feb1019e1a0, l=0x7feb1016e840, s=0x7feb0122c9e0) at
jk_ajp_common.c:1727
#4 ajp_service (e=0x7feb101a01f0, s=0x7feb0122c9e0, l=0x7feb1016e840,
is_error=0x7feb0122c994) at jk_ajp_common.c:2639
:
(gdb) f 1
#1 0x7feb02289691 in jk_dump_hinfo (saddr=0x7feb1013e258,
buf=buf@entry=0x7feb0122c750 "\030", size=size@entry=64) at jk_connect.c:1293
1293inet_ntop6(saddr->ipaddr_ptr, buf, size);
(gdb) p *saddr
$1 = {family = 0, port = 0, salen = 0, ipaddr_len = 0, ipaddr_ptr = 0x0, sa =
{sin = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000'
,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}, sas = {ss_family = 0, __ss_align = 0, __ss_padding = '\000'
}}}
---
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1734491 - /tomcat/native/trunk/native/src/ssl.c
Author: billbarker
Date: Fri Mar 11 03:40:09 2016
New Revision: 1734491
URL: http://svn.apache.org/viewvc?rev=1734491&view=rev
Log:
locking callbacks have been removed in OpenSSL master with no replacement
Modified:
tomcat/native/trunk/native/src/ssl.c
Modified: tomcat/native/trunk/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1734491&r1=1734490&r2=1734491&view=diff
==
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Fri Mar 11 03:40:09 2016
@@ -348,6 +348,7 @@ static ENGINE *ssl_try_load_engine(const
* To ensure thread-safetyness in OpenSSL
*/
+#if OPENSSL_VERSION_NUMBER < 0x1010L
static apr_thread_mutex_t **ssl_lock_cs;
static int ssl_lock_num_locks;
@@ -365,6 +366,7 @@ static void ssl_thread_lock(int mode, in
}
}
}
+#endif
static unsigned long ssl_thread_id(void)
{
@@ -394,10 +396,14 @@ static void ssl_set_thread_id(CRYPTO_THR
static apr_status_t ssl_thread_cleanup(void *data)
{
UNREFERENCED(data);
+#if OPENSSL_VERSION_NUMBER < 0x1010L
CRYPTO_set_locking_callback(NULL);
+#endif
CRYPTO_THREADID_set_callback(NULL);
CRYPTO_set_dynlock_create_callback(NULL);
+#if OPENSSL_VERSION_NUMBER < 0x1010L
CRYPTO_set_dynlock_lock_callback(NULL);
+#endif
CRYPTO_set_dynlock_destroy_callback(NULL);
dynlockpool = NULL;
@@ -440,6 +446,7 @@ static struct CRYPTO_dynlock_value *ssl_
using our own pool. */
value->file = apr_pstrdup(p, file);
value->line = line;
+#if OPENSSL_VERSION_NUMBER < 0x1010L
rv = apr_thread_mutex_create(&(value->mutex), APR_THREAD_MUTEX_DEFAULT,
p);
if (rv != APR_SUCCESS) {
@@ -447,6 +454,7 @@ static struct CRYPTO_dynlock_value *ssl_
apr_pool_destroy(p);
return NULL;
}
+#endif
return value;
}
@@ -454,6 +462,7 @@ static struct CRYPTO_dynlock_value *ssl_
* Dynamic locking and unlocking function
*/
+#if OPENSSL_VERSION_NUMBER < 0x1010L
static void ssl_dyn_lock_function(int mode, struct CRYPTO_dynlock_value *l,
const char *file, int line)
{
@@ -466,6 +475,7 @@ static void ssl_dyn_lock_function(int mo
apr_thread_mutex_unlock(l->mutex);
}
}
+#endif
/*
* Dynamic lock destruction callback
@@ -474,11 +484,12 @@ static void ssl_dyn_destroy_function(str
const char *file, int line)
{
apr_status_t rv;
+#if OPENSSL_VERSION_NUMBER < 0x1010L
rv = apr_thread_mutex_destroy(l->mutex);
if (rv != APR_SUCCESS) {
/* TODO log that fprintf(stderr, "Failed to destroy mutex for dynamic
lock %s:%d", l->file, l->line); */
}
-
+#endif
/* Trust that whomever owned the CRYPTO_dynlock_value we were
* passed has no future use for it...
*/
@@ -488,6 +499,8 @@ static void ssl_thread_setup(apr_pool_t
{
int i;
+CRYPTO_THREADID_set_callback(ssl_set_thread_id);
+#if OPENSSL_VERSION_NUMBER < 0x1010L
ssl_lock_num_locks = CRYPTO_num_locks();
ssl_lock_cs = apr_palloc(p, ssl_lock_num_locks * sizeof(*ssl_lock_cs));
@@ -496,15 +509,16 @@ static void ssl_thread_setup(apr_pool_t
APR_THREAD_MUTEX_DEFAULT, p);
}
-CRYPTO_THREADID_set_callback(ssl_set_thread_id);
CRYPTO_set_locking_callback(ssl_thread_lock);
-
+#endif
/* Set up dynamic locking scaffolding for OpenSSL to use at its
* convenience.
*/
dynlockpool = p;
CRYPTO_set_dynlock_create_callback(ssl_dyn_create_function);
+#if OPENSSL_VERSION_NUMBER < 0x1010L
CRYPTO_set_dynlock_lock_callback(ssl_dyn_lock_function);
+#endif
CRYPTO_set_dynlock_destroy_callback(ssl_dyn_destroy_function);
apr_pool_cleanup_register(p, NULL, ssl_thread_cleanup,
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
