[Bug 64951] New: Websocket connection to unresolvable host causes fd leaks
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951 Bug ID: 64951 Summary: Websocket connection to unresolvable host causes fd leaks Product: Tomcat 8 Version: 8.5.37 Hardware: PC OS: Linux Status: NEW Severity: normal Priority: P2 Component: WebSocket Assignee: dev@tomcat.apache.org Reporter: maurizio.ad...@gmail.com Target Milestone: Created attachment 37583 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37583&action=edit patch for WsWebSocketContainer.java 8.5.37 fd leaks An attempt to create a new websocket connection with WebSocketContainer.connectToServer to an unresolvable host raises java.nio.channels.UnresolvedAddressException, but leaves some socket resources allocated. This can be verified by putting the above connect method in a loop and monitoring the open files of the java process. On linux this can be done with e.g. lsof: the number of socket fd increase on every iteration up to the OS limit, then "Too many open files" IOExceptions are raised. Browsing the org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive() code I found that the call // Open the connection Future fConnect = socketChannel.connect(sa); raises the UnresolvedAddressException, leaving the socketChannel object opened. I think the same problem could arise with a proxy server that return a status code != 200, handled in lines 313-317. I tried to solve extending the try block to include the above call, changing the corresponding finally block to cover extra cases. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] minfrin commented on pull request #382: Add support for unix domain sockets.
minfrin commented on pull request #382: URL: https://github.com/apache/tomcat/pull/382#issuecomment-737203904 > OK, my slight counter proposal is not use rw-rw-rw- as default, but rw-rw because this would reflect the default umask of 027, i.e, not to create anything world readable. For those who need more permissions, they can supply a custom string. The problem with this is that it makes the default behaviour between windows and unix inconsistent, and this is likely to cause headaches for people who either don't read the docs properly, or read a response on stack overflow aimed at unix people and use it thinking it also applies to windows. Setting a default on windows is itself hard - windows doesn't have a concept of a "primary group" like posix, but the possibility of zero or more users and/or groups that have access to a file or directory. There is no practical default behaviour for any of that, which is why java itself doesn't try. Java gives you "access to owner" and "access to everyone", and that's it. "Access to owner" is the same as "no uds support", that leaves just "access to everyone, protect me by protecting my parent directory". > I also do understand that localhost is open for everyone on that box, but isn't that the whole point of UDS to have more control over the socket? Yes - and the most simplest way to protect a socket is to put it in a suitably protected directory. You don't have to protect the socket file itself, just make it impossible for the file to be seen by making its parent directory inaccessible. I am very mindful of decisions made now being difficult to change down the line. Adding new behaviour in future is easy, but changing existing behaviour (like a default) is a headache for all concerned. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Start all core threads when starting the receiver and dispatch interceptor
This is an automated email from the ASF dual-hosted git repository.
kfujino pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 0f1a111 Start all core threads when starting the receiver and
dispatch interceptor
0f1a111 is described below
commit 0f1a1114428af6a212bdd23264123d1ed994ce31
Author: KeiichiFujino
AuthorDate: Wed Dec 2 21:49:03 2020 +0900
Start all core threads when starting the receiver and dispatch interceptor
---
java/org/apache/catalina/tribes/util/ExecutorFactory.java | 4
webapps/docs/changelog.xml| 8
2 files changed, 12 insertions(+)
diff --git a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
index 5fe0aee..b1241cf 100644
--- a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
+++ b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
@@ -47,19 +47,23 @@ public class ExecutorFactory {
private static class TribesThreadPoolExecutor extends ThreadPoolExecutor {
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue);
+prestartAllCoreThreads();
}
@Override
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 926df1b..3424058 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -161,6 +161,14 @@
+
+
+
+Start all core threads when starting the receiver and dispatch
+interceptor. (kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 9.0.x updated: Start all core threads when starting the receiver and dispatch interceptor
This is an automated email from the ASF dual-hosted git repository.
kfujino pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 1763385 Start all core threads when starting the receiver and
dispatch interceptor
1763385 is described below
commit 176338583c59342663a18f035ee9a142ae5fad6a
Author: KeiichiFujino
AuthorDate: Wed Dec 2 21:54:39 2020 +0900
Start all core threads when starting the receiver and dispatch interceptor
---
java/org/apache/catalina/tribes/util/ExecutorFactory.java | 4
webapps/docs/changelog.xml| 8
2 files changed, 12 insertions(+)
diff --git a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
index 5fe0aee..b1241cf 100644
--- a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
+++ b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
@@ -47,19 +47,23 @@ public class ExecutorFactory {
private static class TribesThreadPoolExecutor extends ThreadPoolExecutor {
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue);
+prestartAllCoreThreads();
}
@Override
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 56a4b14..4f3821a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -157,6 +157,14 @@
+
+
+
+Start all core threads when starting the receiver and dispatch
+interceptor. (kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 8.5.x updated: Start all core threads when starting the receiver and dispatch interceptor
This is an automated email from the ASF dual-hosted git repository.
kfujino pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 884293e Start all core threads when starting the receiver and
dispatch interceptor
884293e is described below
commit 884293ef6bf036293503e734a9cd72194b7e63cc
Author: KeiichiFujino
AuthorDate: Wed Dec 2 22:00:55 2020 +0900
Start all core threads when starting the receiver and dispatch interceptor
---
java/org/apache/catalina/tribes/util/ExecutorFactory.java | 4
webapps/docs/changelog.xml| 8
2 files changed, 12 insertions(+)
diff --git a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
index 956b3a1..cb67745 100644
--- a/java/org/apache/catalina/tribes/util/ExecutorFactory.java
+++ b/java/org/apache/catalina/tribes/util/ExecutorFactory.java
@@ -47,19 +47,23 @@ public class ExecutorFactory {
private static class TribesThreadPoolExecutor extends ThreadPoolExecutor {
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory, handler);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue,
ThreadFactory threadFactory) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue, threadFactory);
+prestartAllCoreThreads();
}
public TribesThreadPoolExecutor(int corePoolSize, int maximumPoolSize,
long keepAliveTime, TimeUnit unit, BlockingQueue workQueue) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit,
workQueue);
+prestartAllCoreThreads();
}
@Override
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d243682..e5eb7f6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -150,6 +150,14 @@
+
+
+
+Start all core threads when starting the receiver and dispatch
+interceptor. (kfujino)
+
+
+
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat-native] minfrin commented on a change in pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.
minfrin commented on a change in pull request #8: URL: https://github.com/apache/tomcat-native/pull/8#discussion_r534162543 ## File path: java/org/apache/tomcat/jni/Address.java ## @@ -40,8 +40,9 @@ /** * Create apr_sockaddr_t from hostname, address family, and port. - * @param hostname The hostname or numeric address string to resolve/parse, or - * NULL to build an address that corresponds to 0.0.0.0 or :: + * @param hostname The hostname or numeric address string to resolve/parse, the + * path of the unix domain socket, or NULL to build an address Review comment: Done. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix IDE warning
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new b2714ba Fix IDE warning
b2714ba is described below
commit b2714bab61358678fdfa16ec364baa808925c17b
Author: Mark Thomas
AuthorDate: Wed Dec 2 14:21:04 2020 +
Fix IDE warning
---
java/jakarta/servlet/http/Cookie.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/jakarta/servlet/http/Cookie.java
b/java/jakarta/servlet/http/Cookie.java
index 1d8e7de..48a621b 100644
--- a/java/jakarta/servlet/http/Cookie.java
+++ b/java/jakarta/servlet/http/Cookie.java
@@ -74,7 +74,7 @@ public class Cookie implements Cloneable, Serializable {
} else {
strictServletCompliance = AccessController.doPrivileged(
(PrivilegedAction) () ->
Boolean.valueOf(System.getProperty(
-"org.apache.catalina.STRICT_SERVLET_COMPLIANCE")));
+
"org.apache.catalina.STRICT_SERVLET_COMPLIANCE"))).booleanValue();
propStrictNaming = AccessController.doPrivileged(
(PrivilegedAction) () -> System.getProperty(
"org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING"));
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64947] NPE in UpgradeProcessorExternal constructor
https://bz.apache.org/bugzilla/show_bug.cgi?id=64947 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #13 from Mark Thomas --- Fixed in: - 10.0.x for 10.0.0-M11 onwards - 9.0.x for 9.0.41 onwards - 8.5.x for 8.5.61 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] shorinji opened a new pull request #383: Fix so ResponseUtil:addVaryFieldName() stop adding duplicate values
shorinji opened a new pull request #383:
URL: https://github.com/apache/tomcat/pull/383
Currently addVaryFieldName() add a value twice when there already is named
value (not asterisk).
The existing tests did not catch this, since they assert using a HashMap
thus containing no duplicates.
I have updated one of the test case, inlining parts of the
doTestAddVaryFieldName() that can be reused.
Adding `System.out.println("adding " + name + " with " +
adapter.getHeaders(VARY_HEADER) + " already present = " + varyHeader);` at the
end of addVaryFieldName() we can track what happens when running the tests:
`test-nio:
[junit] Running org.apache.tomcat.util.http.TestResponseUtil
[junit] adding too with [foo, bar] already present = too,bar,too,foo
[junit] adding too with [{{{, bar] already present = too,bar,too
[junit] adding foo with [foo, bar] already present = foo,bar,foo
[junit] adding bar with [{{{, bar] already present = bar,bar
[junit] adding too with [foo, bar] already present = too,bar,too,foo
[junit] adding too with [foo, bar] already present = too,bar,too,foo
[junit] adding foo with [foo, bar] already present = foo,bar,foo
...`
After my patch this looks like:
`test-nio:
[junit] Running org.apache.tomcat.util.http.TestResponseUtil
[junit] adding too with [foo, bar] already present = bar,too,foo
[junit] adding too with [{{{, bar] already present = bar,too
[junit] adding foo with [foo, bar] already present = bar,foo
[junit] adding bar with [{{{, bar] already present = bar
[junit] adding too with [foo, bar] already present = bar,too,foo
[junit] adding too with [foo, bar] already present = bar,too,foo
[junit] adding foo with [foo, bar] already present = bar,foo
`
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat-native] michael-o commented on pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.
michael-o commented on pull request #8: URL: https://github.com/apache/tomcat-native/pull/8#issuecomment-737306223 We are all set, I will merge this week. Thank you for the fantastic cooperation. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat-native] minfrin commented on pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.
minfrin commented on pull request #8: URL: https://github.com/apache/tomcat-native/pull/8#issuecomment-737339797 > We are all set, I will merge this week. Thank you for the fantastic cooperation. Thank you so much for the help, I really appreciate it. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] michael-o commented on pull request #382: Add support for unix domain sockets.
michael-o commented on pull request #382: URL: https://github.com/apache/tomcat/pull/382#issuecomment-737353972 > > > > OK, my slight counter proposal is not use rw-rw-rw- as default, but rw-rw because this would reflect the default umask of 027, i.e, not to create anything world readable. For those who need more permissions, they can supply a custom string. > > The problem with this is that it makes the default behaviour between windows and unix inconsistent, and this is likely to cause headaches for people who either don't read the docs properly, or read a response on stack overflow aimed at unix people and use it thinking it also applies to windows. While I agree here, you cannot really achieve consistency due to two completely diametral approach in both OS types. I wouldn't try to achive, as sad as it sounds. > Setting a default on windows is itself hard - windows doesn't have a concept of a "primary group" like posix, but the possibility of zero or more users and/or groups that have access to a file or directory. There is no practical default behaviour for any of that, which is why java itself doesn't try. Java gives you "access to owner" and "access to everyone", and that's it. "Access to owner" is the same as "no uds support", that leaves just "access to everyone, protect me by protecting my parent directory". I know it is hard, maybe we should not try at all? I believe that it will quite some time to be picked up by Windows users at all. > > I also do understand that localhost is open for everyone on that box, but isn't that the whole point of UDS to have more control over the socket? > > Yes - and the most simplest way to protect a socket is to put it in a suitably protected directory. You don't have to protect the socket file itself, just make it impossible for the file to be seen by making its parent directory inaccessible. > > I am very mindful of decisions made now being difficult to change down the line. Adding new behaviour in future is easy, but changing existing behaviour (like a default) is a headache for all concerned. Agree! This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 01ad27c Fix BZ-64951 - Correct potential fd leak when WebSocket
connections fail
01ad27c is described below
commit 01ad27c568594f32ab178983d97e53b8b3b25d25
Author: Mark Thomas
AuthorDate: Wed Dec 2 17:27:21 2020 +
Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951
Patch provided by Maurizio Adami
---
.../tomcat/websocket/WsWebSocketContainer.java | 51 +++---
webapps/docs/changelog.xml | 9
2 files changed, 34 insertions(+), 26 deletions(-)
diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
index 28d0543..e6dc4b3 100644
--- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
+++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
@@ -305,13 +305,13 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
boolean success = false;
List extensionsAgreed = new ArrayList<>();
Transformation transformation = null;
-
-// Open the connection
-Future fConnect = socketChannel.connect(sa);
AsyncChannelWrapper channel = null;
-if (proxyConnect != null) {
-try {
+try {
+// Open the connection
+Future fConnect = socketChannel.connect(sa);
+
+if (proxyConnect != null) {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
// Proxy CONNECT is clear text
channel = new AsyncChannelWrapperNonSecure(socketChannel);
@@ -322,29 +322,20 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
"wsWebSocketContainer.proxyConnectFail",
selectedProxy,
Integer.toString(httpResponse.getStatus(;
}
-} catch (TimeoutException | InterruptedException |
ExecutionException |
-EOFException e) {
-if (channel != null) {
-channel.close();
-}
-throw new DeploymentException(
-
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
}
-}
-if (secure) {
-// Regardless of whether a non-secure wrapper was created for a
-// proxy CONNECT, need to use TLS from this point on so wrap the
-// original AsynchronousSocketChannel
-SSLEngine sslEngine = createSSLEngine(userProperties, host, port);
-channel = new AsyncChannelWrapperSecure(socketChannel, sslEngine);
-} else if (channel == null) {
-// Only need to wrap as this point if it wasn't wrapped to process
a
-// proxy CONNECT
-channel = new AsyncChannelWrapperNonSecure(socketChannel);
-}
+if (secure) {
+// Regardless of whether a non-secure wrapper was created for a
+// proxy CONNECT, need to use TLS from this point on so wrap
the
+// original AsynchronousSocketChannel
+SSLEngine sslEngine = createSSLEngine(userProperties, host,
port);
+channel = new AsyncChannelWrapperSecure(socketChannel,
sslEngine);
+} else if (channel == null) {
+// Only need to wrap as this point if it wasn't wrapped to
process a
+// proxy CONNECT
+channel = new AsyncChannelWrapperNonSecure(socketChannel);
+}
-try {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
Future fHandshake = channel.handshake();
@@ -500,7 +491,15 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
throw new
DeploymentException(sm.getString("wsWebSocketContainer.httpRequestFailed",
path), e);
} finally {
if (!success) {
-channel.close();
+if (channel != null) {
+channel.close();
+} else {
+try {
+socketChannel.close();
+} catch (IOException ioe) {
+// Ignore
+}
+}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 3424058..1e4cf3a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -151,6 +151,15 @@
+
+
+
+64951: Fix a potential file descriptor leak when WebSocket
+connections are attempted and fail. Patch provided by Maurizio Ad
[tomcat] branch 9.0.x updated: Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 9da6126 Fix BZ-64951 - Correct potential fd leak when WebSocket
connections fail
9da6126 is described below
commit 9da6126e84099974de3e109e4f0eba68314b24c2
Author: Mark Thomas
AuthorDate: Wed Dec 2 17:27:21 2020 +
Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951
Patch provided by Maurizio Adami
---
.../tomcat/websocket/WsWebSocketContainer.java | 51 +++---
webapps/docs/changelog.xml | 9
2 files changed, 34 insertions(+), 26 deletions(-)
diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
index 0db496f..4bc8f6a 100644
--- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
+++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
@@ -304,13 +304,13 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
boolean success = false;
List extensionsAgreed = new ArrayList<>();
Transformation transformation = null;
-
-// Open the connection
-Future fConnect = socketChannel.connect(sa);
AsyncChannelWrapper channel = null;
-if (proxyConnect != null) {
-try {
+try {
+// Open the connection
+Future fConnect = socketChannel.connect(sa);
+
+if (proxyConnect != null) {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
// Proxy CONNECT is clear text
channel = new AsyncChannelWrapperNonSecure(socketChannel);
@@ -321,29 +321,20 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
"wsWebSocketContainer.proxyConnectFail",
selectedProxy,
Integer.toString(httpResponse.getStatus(;
}
-} catch (TimeoutException | InterruptedException |
ExecutionException |
-EOFException e) {
-if (channel != null) {
-channel.close();
-}
-throw new DeploymentException(
-
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
}
-}
-if (secure) {
-// Regardless of whether a non-secure wrapper was created for a
-// proxy CONNECT, need to use TLS from this point on so wrap the
-// original AsynchronousSocketChannel
-SSLEngine sslEngine = createSSLEngine(userProperties, host, port);
-channel = new AsyncChannelWrapperSecure(socketChannel, sslEngine);
-} else if (channel == null) {
-// Only need to wrap as this point if it wasn't wrapped to process
a
-// proxy CONNECT
-channel = new AsyncChannelWrapperNonSecure(socketChannel);
-}
+if (secure) {
+// Regardless of whether a non-secure wrapper was created for a
+// proxy CONNECT, need to use TLS from this point on so wrap
the
+// original AsynchronousSocketChannel
+SSLEngine sslEngine = createSSLEngine(userProperties, host,
port);
+channel = new AsyncChannelWrapperSecure(socketChannel,
sslEngine);
+} else if (channel == null) {
+// Only need to wrap as this point if it wasn't wrapped to
process a
+// proxy CONNECT
+channel = new AsyncChannelWrapperNonSecure(socketChannel);
+}
-try {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
Future fHandshake = channel.handshake();
@@ -499,7 +490,15 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
throw new
DeploymentException(sm.getString("wsWebSocketContainer.httpRequestFailed",
path), e);
} finally {
if (!success) {
-channel.close();
+if (channel != null) {
+channel.close();
+} else {
+try {
+socketChannel.close();
+} catch (IOException ioe) {
+// Ignore
+}
+}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4f3821a..0f2d87b 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -147,6 +147,15 @@
+
+
+
+64951: Fix a potential file descriptor leak when WebSocket
+connections are attempted and fail. Patch provided by Maurizio Adam
[tomcat] branch 8.5.x updated: Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new a2dbd0a Fix BZ-64951 - Correct potential fd leak when WebSocket
connections fail
a2dbd0a is described below
commit a2dbd0a67d42577941d3ac784f85699059563ffd
Author: Mark Thomas
AuthorDate: Wed Dec 2 17:27:21 2020 +
Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951
Patch provided by Maurizio Adami
---
.../tomcat/websocket/WsWebSocketContainer.java | 51 +++---
webapps/docs/changelog.xml | 9
2 files changed, 34 insertions(+), 26 deletions(-)
diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
index b724b75..dcde690 100644
--- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
+++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
@@ -304,13 +304,13 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
boolean success = false;
List extensionsAgreed = new ArrayList<>();
Transformation transformation = null;
-
-// Open the connection
-Future fConnect = socketChannel.connect(sa);
AsyncChannelWrapper channel = null;
-if (proxyConnect != null) {
-try {
+try {
+// Open the connection
+Future fConnect = socketChannel.connect(sa);
+
+if (proxyConnect != null) {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
// Proxy CONNECT is clear text
channel = new AsyncChannelWrapperNonSecure(socketChannel);
@@ -321,29 +321,20 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
"wsWebSocketContainer.proxyConnectFail",
selectedProxy,
Integer.toString(httpResponse.getStatus(;
}
-} catch (TimeoutException | InterruptedException |
ExecutionException |
-EOFException e) {
-if (channel != null) {
-channel.close();
-}
-throw new DeploymentException(
-
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
}
-}
-if (secure) {
-// Regardless of whether a non-secure wrapper was created for a
-// proxy CONNECT, need to use TLS from this point on so wrap the
-// original AsynchronousSocketChannel
-SSLEngine sslEngine = createSSLEngine(userProperties, host, port);
-channel = new AsyncChannelWrapperSecure(socketChannel, sslEngine);
-} else if (channel == null) {
-// Only need to wrap as this point if it wasn't wrapped to process
a
-// proxy CONNECT
-channel = new AsyncChannelWrapperNonSecure(socketChannel);
-}
+if (secure) {
+// Regardless of whether a non-secure wrapper was created for a
+// proxy CONNECT, need to use TLS from this point on so wrap
the
+// original AsynchronousSocketChannel
+SSLEngine sslEngine = createSSLEngine(userProperties, host,
port);
+channel = new AsyncChannelWrapperSecure(socketChannel,
sslEngine);
+} else if (channel == null) {
+// Only need to wrap as this point if it wasn't wrapped to
process a
+// proxy CONNECT
+channel = new AsyncChannelWrapperNonSecure(socketChannel);
+}
-try {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
Future fHandshake = channel.handshake();
@@ -499,7 +490,15 @@ public class WsWebSocketContainer implements
WebSocketContainer, BackgroundProce
throw new
DeploymentException(sm.getString("wsWebSocketContainer.httpRequestFailed",
path), e);
} finally {
if (!success) {
-channel.close();
+if (channel != null) {
+channel.close();
+} else {
+try {
+socketChannel.close();
+} catch (IOException ioe) {
+// Ignore
+}
+}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e5eb7f6..2bd17f1 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -140,6 +140,15 @@
+
+
+
+64951: Fix a potential file descriptor leak when WebSocket
+connections are attempted and fail. Patch provided by Maurizio Adam
[Bug 64951] Websocket connection to unresolvable host causes fd leaks
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951 Mark Thomas changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Mark Thomas --- Thanks for the report and for the patch. The analysis looks good to me. I've applied the patch. Fixed in: - 10.0.x for 10.0.0-M11 onwards - 9.0.x for 9.0.41 onwards - 8.5.x for 8.5.61 onwards - 7.0.x for 7.0.108 onwards -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 0f3c0fb Fix BZ-64951 - Correct potential fd leak when WebSocket
connections fail
0f3c0fb is described below
commit 0f3c0fbd1c29588463b1c8fddaaea66bd7f0d06c
Author: Mark Thomas
AuthorDate: Wed Dec 2 17:27:21 2020 +
Fix BZ-64951 - Correct potential fd leak when WebSocket connections fail
https://bz.apache.org/bugzilla/show_bug.cgi?id=64951
Patch provided by Maurizio Adami
# Conflicts:
# java/org/apache/tomcat/websocket/WsWebSocketContainer.java
---
.../tomcat/websocket/WsWebSocketContainer.java | 50 +++---
webapps/docs/changelog.xml | 9
2 files changed, 34 insertions(+), 25 deletions(-)
diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
index a59296c..087cd04 100644
--- a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
+++ b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
@@ -342,13 +342,13 @@ public class WsWebSocketContainer
boolean success = false;
List extensionsAgreed = new ArrayList();
Transformation transformation = null;
-
-// Open the connection
-Future fConnect = socketChannel.connect(sa);
AsyncChannelWrapper channel = null;
-if (proxyConnect != null) {
-try {
+try {
+// Open the connection
+Future fConnect = socketChannel.connect(sa);
+
+if (proxyConnect != null) {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
// Proxy CONNECT is clear text
channel = new AsyncChannelWrapperNonSecure(socketChannel);
@@ -359,28 +359,20 @@ public class WsWebSocketContainer
"wsWebSocketContainer.proxyConnectFail",
selectedProxy,
Integer.toString(httpResponse.getStatus(;
}
-} catch (Exception e) {
-if (channel != null) {
-channel.close();
-}
-throw new DeploymentException(
-
sm.getString("wsWebSocketContainer.httpRequestFailed"), e);
}
-}
-if (secure) {
-// Regardless of whether a non-secure wrapper was created for a
-// proxy CONNECT, need to use TLS from this point on so wrap the
-// original AsynchronousSocketChannel
-SSLEngine sslEngine = createSSLEngine(userProperties, host, port);
-channel = new AsyncChannelWrapperSecure(socketChannel, sslEngine);
-} else if (channel == null) {
-// Only need to wrap as this point if it wasn't wrapped to process
a
-// proxy CONNECT
-channel = new AsyncChannelWrapperNonSecure(socketChannel);
-}
+if (secure) {
+// Regardless of whether a non-secure wrapper was created for a
+// proxy CONNECT, need to use TLS from this point on so wrap
the
+// original AsynchronousSocketChannel
+SSLEngine sslEngine = createSSLEngine(userProperties, host,
port);
+channel = new AsyncChannelWrapperSecure(socketChannel,
sslEngine);
+} else if (channel == null) {
+// Only need to wrap as this point if it wasn't wrapped to
process a
+// proxy CONNECT
+channel = new AsyncChannelWrapperNonSecure(socketChannel);
+}
-try {
fConnect.get(timeout, TimeUnit.MILLISECONDS);
Future fHandshake = channel.handshake();
@@ -537,7 +529,15 @@ public class WsWebSocketContainer
throw new
DeploymentException(sm.getString("wsWebSocketContainer.httpRequestFailed",
path), e);
} finally {
if (!success) {
-channel.close();
+if (channel != null) {
+channel.close();
+} else {
+try {
+socketChannel.close();
+} catch (IOException ioe) {
+// Ignore
+}
+}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0dd2bd3..18b6eff 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -129,6 +129,15 @@
+
+
+
+64951: Fix a potential file descriptor leak when WebSocket
+connections are attempted and fail. Patch provided by Maurizio Adami.
+(markt)
+
+
+
-
To unsubscribe, e-mail
[tomcat-native] branch master updated: BZ 64942: Expose support for Unix Domain Sockets in APR v1.6 and up
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/master by this push:
new a3498fa BZ 64942: Expose support for Unix Domain Sockets in APR v1.6
and up
a3498fa is described below
commit a3498fa0992ac37c7358e00d1555395b52762e9b
Author: minfrin
AuthorDate: Sun Nov 29 17:31:57 2020 +
BZ 64942: Expose support for Unix Domain Sockets in APR v1.6 and up
This closes #8
---
java/org/apache/tomcat/jni/Address.java | 5 +++--
java/org/apache/tomcat/jni/Library.java | 8
java/org/apache/tomcat/jni/Socket.java | 1 +
native/include/tcn.h| 9 +
native/src/info.c | 3 +++
native/src/jnilib.c | 5 +
native/src/network.c| 26 ++
xdocs/index.xml | 25 +
xdocs/miscellaneous/changelog.xml | 3 +++
9 files changed, 75 insertions(+), 10 deletions(-)
diff --git a/java/org/apache/tomcat/jni/Address.java
b/java/org/apache/tomcat/jni/Address.java
index 2310367..38a08f8 100644
--- a/java/org/apache/tomcat/jni/Address.java
+++ b/java/org/apache/tomcat/jni/Address.java
@@ -40,8 +40,9 @@ public class Address {
/**
* Create apr_sockaddr_t from hostname, address family, and port.
- * @param hostname The hostname or numeric address string to
resolve/parse, or
- * NULL to build an address that corresponds to 0.0.0.0 or ::
+ * @param hostname The hostname or numeric address string to
resolve/parse, the
+ * path of the Unix Domain Socket, or NULL to build an
address
+ * that corresponds to 0.0.0.0 or ::
* @param family The address family to use, or APR_UNSPEC if the system
should
* decide.
* @param port The port number.
diff --git a/java/org/apache/tomcat/jni/Library.java
b/java/org/apache/tomcat/jni/Library.java
index c6c1398..a9849d3 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -177,6 +177,12 @@ public final class Library {
/* Is the O_NONBLOCK flag inherited from listening sockets?
*/
public static boolean APR_O_NONBLOCK_INHERITED = false;
+/* Poll operations are interruptable by apr_pollset_wakeup().
+ */
+public static boolean APR_POLLSET_WAKEABLE = false;
+/* Support for Unix Domain Sockets.
+ */
+public static boolean APR_HAVE_UNIX = false;
public static int APR_SIZEOF_VOIDP;
@@ -244,6 +250,8 @@ public final class Library {
APR_CHARSET_EBCDIC = has(18);
APR_TCP_NODELAY_INHERITED = has(19);
APR_O_NONBLOCK_INHERITED = has(20);
+APR_POLLSET_WAKEABLE = has(21);
+APR_HAVE_UNIX = has(22);
if (APR_MAJOR_VERSION < 1) {
throw new UnsatisfiedLinkError("Unsupported APR Version (" +
aprVersionString() + ")");
diff --git a/java/org/apache/tomcat/jni/Socket.java
b/java/org/apache/tomcat/jni/Socket.java
index 976dd38..8882f3b 100644
--- a/java/org/apache/tomcat/jni/Socket.java
+++ b/java/org/apache/tomcat/jni/Socket.java
@@ -79,6 +79,7 @@ public class Socket {
public static final int APR_UNSPEC = 0;
public static final int APR_INET = 1;
public static final int APR_INET6 = 2;
+public static final int APR_UNIX = 3;
public static final int APR_PROTO_TCP = 6; /** TCP */
public static final int APR_PROTO_UDP = 17; /** UDP */
diff --git a/native/include/tcn.h b/native/include/tcn.h
index d2f316b..168549f 100644
--- a/native/include/tcn.h
+++ b/native/include/tcn.h
@@ -281,11 +281,20 @@ typedef struct {
#define APR_INET6 APR_INET
#endif
+#ifdef APR_UNIX
#define GET_S_FAMILY(T, F) \
if (F == 0) T = APR_UNSPEC; \
else if (F == 1) T = APR_INET; \
else if (F == 2) T = APR_INET6; \
+else if (F == 3) T = APR_UNIX; \
else T = F
+#else
+#define GET_S_FAMILY(T, F) \
+if (F == 0) T = APR_UNSPEC; \
+else if (F == 1) T = APR_INET; \
+else if (F == 2) T = APR_INET6; \
+else T = F
+#endif
#define GET_S_TYPE(T, F) \
if (F == 0) T = SOCK_STREAM; \
diff --git a/native/src/info.c b/native/src/info.c
index 23afa31..4734e54 100644
--- a/native/src/info.c
+++ b/native/src/info.c
@@ -198,6 +198,9 @@ static void fill_ainfo(JNIEnv *e, jobject obj,
apr_sockaddr_t *info)
if (info->family == APR_UNSPEC) f = 0;
else if (info->family == APR_INET) f = 1;
else if (info->family == APR_INET6) f = 2;
+#ifdef APR_UNIX
+else if (info->family == APR_UNIX) f = 3;
+#endif
else f = info->family;
SET_AINFO_J(pool, P2J(info->pool)
[GitHub] [tomcat-native] asfgit closed pull request #8: Expose support for Unix Domain Sockets in APR v1.6 and up.
asfgit closed pull request #8: URL: https://github.com/apache/tomcat-native/pull/8 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 64942] [Patch] Expose support for Unix Domain Sockets in APR v1.6 and up.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64942 Michael Osipov changed: What|Removed |Added Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Michael Osipov --- Fixed for 1.2.26 and up. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated: Ensure values are not duplicated when manipulating the vary header
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new a9aa71e Ensure values are not duplicated when manipulating the vary
header
a9aa71e is described below
commit a9aa71ec61aca7b5e750bde1042c1bbd5d10c7ac
Author: Mark Thomas
AuthorDate: Wed Dec 2 18:51:26 2020 +
Ensure values are not duplicated when manipulating the vary header
---
java/org/apache/tomcat/util/http/ResponseUtil.java | 14 +++---
.../apache/tomcat/util/http/TestResponseUtil.java | 50 +++---
webapps/docs/changelog.xml | 4 ++
3 files changed, 37 insertions(+), 31 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/ResponseUtil.java
b/java/org/apache/tomcat/util/http/ResponseUtil.java
index c0cee24..a39359e 100644
--- a/java/org/apache/tomcat/util/http/ResponseUtil.java
+++ b/java/org/apache/tomcat/util/http/ResponseUtil.java
@@ -21,9 +21,9 @@ import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
-import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
import java.util.List;
-import java.util.Set;
import jakarta.servlet.http.HttpServletResponse;
@@ -76,7 +76,7 @@ public class ResponseUtil {
// the existing values, check if the new value is already present and
// then add it if not. The good news is field names are tokens which
// makes parsing simpler.
-Set fieldNames = new HashSet<>();
+LinkedHashSet fieldNames = new LinkedHashSet<>();
for (String varyHeader : varyHeaders) {
StringReader input = new StringReader(varyHeader);
@@ -97,10 +97,12 @@ public class ResponseUtil {
// Replace existing header(s) to ensure any invalid values are removed
fieldNames.add(name);
StringBuilder varyHeader = new StringBuilder();
-varyHeader.append(name);
-for (String fieldName : fieldNames) {
+Iterator iter = fieldNames.iterator();
+// There must be at least one value as one is added just above
+varyHeader.append(iter.next());
+while (iter.hasNext()) {
varyHeader.append(',');
-varyHeader.append(fieldName);
+varyHeader.append(iter.next());
}
adapter.setHeader(VARY_HEADER, varyHeader.toString());
}
diff --git a/test/org/apache/tomcat/util/http/TestResponseUtil.java
b/test/org/apache/tomcat/util/http/TestResponseUtil.java
index 826cac8..4c760e0 100644
--- a/test/org/apache/tomcat/util/http/TestResponseUtil.java
+++ b/test/org/apache/tomcat/util/http/TestResponseUtil.java
@@ -16,8 +16,8 @@
*/
package org.apache.tomcat.util.http;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
import org.junit.Assert;
import org.junit.Test;
@@ -31,7 +31,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "host");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -42,7 +42,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "*");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -52,7 +52,7 @@ public class TestResponseUtil {
public void testAddAllWithNone() {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -63,9 +63,9 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, bar");
-Set expected = new HashSet<>();
-expected.add("bar");
+List expected = new ArrayList<>();
expected.add("foo");
+expected.add("bar");
expected.add("too");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -76,7 +76,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, *");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -87,9 +87,9 @@ publi
[tomcat] branch 9.0.x updated: Ensure values are not duplicated when manipulating the vary header
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new a4e061e Ensure values are not duplicated when manipulating the vary
header
a4e061e is described below
commit a4e061e8364ac3413082532d84431e6c896a6127
Author: Mark Thomas
AuthorDate: Wed Dec 2 18:51:26 2020 +
Ensure values are not duplicated when manipulating the vary header
---
java/org/apache/tomcat/util/http/ResponseUtil.java | 14 +++---
.../apache/tomcat/util/http/TestResponseUtil.java | 50 +++---
webapps/docs/changelog.xml | 4 ++
3 files changed, 37 insertions(+), 31 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/ResponseUtil.java
b/java/org/apache/tomcat/util/http/ResponseUtil.java
index 295e7b7..cdc6ceb 100644
--- a/java/org/apache/tomcat/util/http/ResponseUtil.java
+++ b/java/org/apache/tomcat/util/http/ResponseUtil.java
@@ -21,9 +21,9 @@ import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
-import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
import java.util.List;
-import java.util.Set;
import javax.servlet.http.HttpServletResponse;
@@ -76,7 +76,7 @@ public class ResponseUtil {
// the existing values, check if the new value is already present and
// then add it if not. The good news is field names are tokens which
// makes parsing simpler.
-Set fieldNames = new HashSet<>();
+LinkedHashSet fieldNames = new LinkedHashSet<>();
for (String varyHeader : varyHeaders) {
StringReader input = new StringReader(varyHeader);
@@ -97,10 +97,12 @@ public class ResponseUtil {
// Replace existing header(s) to ensure any invalid values are removed
fieldNames.add(name);
StringBuilder varyHeader = new StringBuilder();
-varyHeader.append(name);
-for (String fieldName : fieldNames) {
+Iterator iter = fieldNames.iterator();
+// There must be at least one value as one is added just above
+varyHeader.append(iter.next());
+while (iter.hasNext()) {
varyHeader.append(',');
-varyHeader.append(fieldName);
+varyHeader.append(iter.next());
}
adapter.setHeader(VARY_HEADER, varyHeader.toString());
}
diff --git a/test/org/apache/tomcat/util/http/TestResponseUtil.java
b/test/org/apache/tomcat/util/http/TestResponseUtil.java
index 826cac8..4c760e0 100644
--- a/test/org/apache/tomcat/util/http/TestResponseUtil.java
+++ b/test/org/apache/tomcat/util/http/TestResponseUtil.java
@@ -16,8 +16,8 @@
*/
package org.apache.tomcat.util.http;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
import org.junit.Assert;
import org.junit.Test;
@@ -31,7 +31,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "host");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -42,7 +42,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "*");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -52,7 +52,7 @@ public class TestResponseUtil {
public void testAddAllWithNone() {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -63,9 +63,9 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, bar");
-Set expected = new HashSet<>();
-expected.add("bar");
+List expected = new ArrayList<>();
expected.add("foo");
+expected.add("bar");
expected.add("too");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -76,7 +76,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, *");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -87,9 +87,9 @@ public cl
[tomcat] branch 8.5.x updated: Ensure values are not duplicated when manipulating the vary header
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 9cda0bf Ensure values are not duplicated when manipulating the vary
header
9cda0bf is described below
commit 9cda0bf32d664c76e2d950fdafd5d4dc55b00a55
Author: Mark Thomas
AuthorDate: Wed Dec 2 18:51:26 2020 +
Ensure values are not duplicated when manipulating the vary header
---
java/org/apache/tomcat/util/http/ResponseUtil.java | 14 +++---
.../apache/tomcat/util/http/TestResponseUtil.java | 50 +++---
webapps/docs/changelog.xml | 4 ++
3 files changed, 37 insertions(+), 31 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/ResponseUtil.java
b/java/org/apache/tomcat/util/http/ResponseUtil.java
index 295e7b7..cdc6ceb 100644
--- a/java/org/apache/tomcat/util/http/ResponseUtil.java
+++ b/java/org/apache/tomcat/util/http/ResponseUtil.java
@@ -21,9 +21,9 @@ import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
-import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
import java.util.List;
-import java.util.Set;
import javax.servlet.http.HttpServletResponse;
@@ -76,7 +76,7 @@ public class ResponseUtil {
// the existing values, check if the new value is already present and
// then add it if not. The good news is field names are tokens which
// makes parsing simpler.
-Set fieldNames = new HashSet<>();
+LinkedHashSet fieldNames = new LinkedHashSet<>();
for (String varyHeader : varyHeaders) {
StringReader input = new StringReader(varyHeader);
@@ -97,10 +97,12 @@ public class ResponseUtil {
// Replace existing header(s) to ensure any invalid values are removed
fieldNames.add(name);
StringBuilder varyHeader = new StringBuilder();
-varyHeader.append(name);
-for (String fieldName : fieldNames) {
+Iterator iter = fieldNames.iterator();
+// There must be at least one value as one is added just above
+varyHeader.append(iter.next());
+while (iter.hasNext()) {
varyHeader.append(',');
-varyHeader.append(fieldName);
+varyHeader.append(iter.next());
}
adapter.setHeader(VARY_HEADER, varyHeader.toString());
}
diff --git a/test/org/apache/tomcat/util/http/TestResponseUtil.java
b/test/org/apache/tomcat/util/http/TestResponseUtil.java
index 826cac8..4c760e0 100644
--- a/test/org/apache/tomcat/util/http/TestResponseUtil.java
+++ b/test/org/apache/tomcat/util/http/TestResponseUtil.java
@@ -16,8 +16,8 @@
*/
package org.apache.tomcat.util.http;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
import org.junit.Assert;
import org.junit.Test;
@@ -31,7 +31,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "host");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -42,7 +42,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "*");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -52,7 +52,7 @@ public class TestResponseUtil {
public void testAddAllWithNone() {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -63,9 +63,9 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, bar");
-Set expected = new HashSet<>();
-expected.add("bar");
+List expected = new ArrayList<>();
expected.add("foo");
+expected.add("bar");
expected.add("too");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -76,7 +76,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, *");
-Set expected = new HashSet<>();
+List expected = new ArrayList<>();
expected.add("*");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -87,9 +87,9 @@ public cl
[GitHub] [tomcat] markt-asf closed pull request #383: Fix so ResponseUtil:addVaryFieldName() stop adding duplicate values
markt-asf closed pull request #383: URL: https://github.com/apache/tomcat/pull/383 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #383: Fix so ResponseUtil:addVaryFieldName() stop adding duplicate values
markt-asf commented on pull request #383: URL: https://github.com/apache/tomcat/pull/383#issuecomment-737428376 Thanks for the pull request. I've applied a slightly different version as: - we patch 10.0.x first and then back-port - I agree it is better if the tests don't use Set - On reflection, I think it is better not to modify the existing header order and add any new value to the end That last point isn't strictly necessary but it strikes me as what users will expect. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch 7.0.x updated: Ensure values are not duplicated when manipulating the vary header
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 03454db Ensure values are not duplicated when manipulating the vary
header
03454db is described below
commit 03454dba0567c02e585ad1e745c840925dc650ce
Author: Mark Thomas
AuthorDate: Wed Dec 2 18:51:26 2020 +
Ensure values are not duplicated when manipulating the vary header
---
java/org/apache/tomcat/util/http/ResponseUtil.java | 14 +++---
.../apache/tomcat/util/http/TestResponseUtil.java | 50 +++---
webapps/docs/changelog.xml | 4 ++
3 files changed, 37 insertions(+), 31 deletions(-)
diff --git a/java/org/apache/tomcat/util/http/ResponseUtil.java
b/java/org/apache/tomcat/util/http/ResponseUtil.java
index 1c40d3b..4f5cfbd 100644
--- a/java/org/apache/tomcat/util/http/ResponseUtil.java
+++ b/java/org/apache/tomcat/util/http/ResponseUtil.java
@@ -21,9 +21,9 @@ import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
-import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
import java.util.List;
-import java.util.Set;
import javax.servlet.http.HttpServletResponse;
@@ -76,7 +76,7 @@ public class ResponseUtil {
// the existing values, check if the new value is already present and
// then add it if not. The good news is field names are tokens which
// makes parsing simpler.
-Set fieldNames = new HashSet();
+LinkedHashSet fieldNames = new LinkedHashSet();
for (String varyHeader : varyHeaders) {
StringReader input = new StringReader(varyHeader);
@@ -97,10 +97,12 @@ public class ResponseUtil {
// Replace existing header(s) to ensure any invalid values are removed
fieldNames.add(name);
StringBuilder varyHeader = new StringBuilder();
-varyHeader.append(name);
-for (String fieldName : fieldNames) {
+Iterator iter = fieldNames.iterator();
+// There must be at least one value as one is added just above
+varyHeader.append(iter.next());
+while (iter.hasNext()) {
varyHeader.append(',');
-varyHeader.append(fieldName);
+varyHeader.append(iter.next());
}
adapter.setHeader(VARY_HEADER, varyHeader.toString());
}
diff --git a/test/org/apache/tomcat/util/http/TestResponseUtil.java
b/test/org/apache/tomcat/util/http/TestResponseUtil.java
index 68b296d..2597ff4 100644
--- a/test/org/apache/tomcat/util/http/TestResponseUtil.java
+++ b/test/org/apache/tomcat/util/http/TestResponseUtil.java
@@ -16,8 +16,8 @@
*/
package org.apache.tomcat.util.http;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
import org.junit.Assert;
import org.junit.Test;
@@ -31,7 +31,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "host");
-Set expected = new HashSet();
+List expected = new ArrayList();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -42,7 +42,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "*");
-Set expected = new HashSet();
+List expected = new ArrayList();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -52,7 +52,7 @@ public class TestResponseUtil {
public void testAddAllWithNone() {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
-Set expected = new HashSet();
+List expected = new ArrayList();
expected.add("*");
doTestAddVaryFieldName(response, "*", expected);
}
@@ -63,9 +63,9 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, bar");
-Set expected = new HashSet();
-expected.add("bar");
+List expected = new ArrayList();
expected.add("foo");
+expected.add("bar");
expected.add("too");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -76,7 +76,7 @@ public class TestResponseUtil {
TesterResponse response = new TesterResponse();
response.getCoyoteResponse();
response.addHeader("vary", "foo, *");
-Set expected = new HashSet();
+List expected = new ArrayList();
expected.add("*");
doTestAddVaryFieldName(response, "too", expected);
}
@@ -87,9 +87,9 @@ public class TestResponseUtil {
[Bug 63802] epoll spin detection is missing
https://bz.apache.org/bugzilla/show_bug.cgi?id=63802 Mark Thomas changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #7 from Mark Thomas --- Resolving as WONTFIX as per previous comments -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] branch master updated (a9aa71e -> df3a323)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomcat.git. from a9aa71e Ensure values are not duplicated when manipulating the vary header add df3a323 It is time to drop the milestone modifier No new revisions were added by this update. Summary of changes: build.properties.default | 2 +- res/maven/mvn.properties.default | 2 +- webapps/docs/changelog.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] tag 10.0.0 created (now 4c8b650)
This is an automated email from the ASF dual-hosted git repository. markt pushed a change to tag 10.0.0 in repository https://gitbox.apache.org/repos/asf/tomcat.git. at 4c8b650 (commit) This tag includes the following new commits: new 4c8b650 Tag 10.0.0 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat] 01/01: Tag 10.0.0
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to tag 10.0.0 in repository https://gitbox.apache.org/repos/asf/tomcat.git commit 4c8b650437e2464c1c31c6598a263b3805b7a81f Author: Mark Thomas AuthorDate: Wed Dec 2 20:32:14 2020 + Tag 10.0.0 --- build.properties.default | 2 +- webapps/docs/changelog.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build.properties.default b/build.properties.default index 110d60f..3ce6a4c 100644 --- a/build.properties.default +++ b/build.properties.default @@ -27,7 +27,7 @@ version.major=10 version.minor=0 version.build=0 version.patch=0 -version.suffix=-dev +version.suffix= # - Source control flags - git.branch=master diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 1c768d4..5714a6a 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -103,7 +103,7 @@ They eventually become mixed with the numbered issues (i.e., numbered issues do not "pop up" wrt. others). --> - + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
