Commit cd6fa3f2 authored by Miguel Landaeta's avatar Miguel Landaeta

Imported Upstream version 7.0.39

parent 11c13411
......@@ -15,7 +15,7 @@
limitations under the License.
================================================================================
$Id: BUILDING.txt 1430451 2013-01-08 19:11:23Z kkolinko $
$Id: BUILDING.txt 1457383 2013-03-17 06:22:36Z kkolinko $
====================================================
Building The Apache Tomcat @VERSION_MAJOR_MINOR@ Servlet/JSP Container
......@@ -192,12 +192,28 @@ For a quick rebuild of only modified code you can use:
(5) Special builds
Some Tomcat components, that are included in the full release, but are not
built during the default "deploy" build, can also be built separately.
There are several targets in Tomcat build files that are useful to be
called separately. They build components that you may want to build
quickly, or ones that are included in the full release and are not built
during the default "deploy" build.
(5.1) Building API documentation (Javadoc)
(5.1) Building documentation
The API documentation can be easily built:
The documentation web application is built during the default "deploy"
build.
It can be built quickly by using the following commands:
cd ${tomcat.source}
ant build-docs
The output of this command will be found in the following directory:
output/build/webapps/docs
The API documentation (Javadoc) is built during a "release" build. It is
easy to build it separately by using the following commands:
cd ${tomcat.source}
ant javadoc
......@@ -209,13 +225,24 @@ The output of this command will be found in the following directories:
output/dist/webapps/docs/jspapi
output/dist/webapps/docs/servletapi
(5.2) Building the extras (commons-logging, webservices etc.)
These components are documented on the "Additional Components"
(extras.html) page of documentation. They are built during a "release"
build.
You can build them by using the following commands:
cd ${tomcat.source}
ant extras
(5.3) Building the embedded packages
These are built during a "release" build.
You can build them by using the following commands:
cd ${tomcat.source}
ant embed
......
......@@ -15,7 +15,7 @@
limitations under the License.
================================================================================
$Id: RUNNING.txt 1430483 2013-01-08 20:19:13Z kkolinko $
$Id: RUNNING.txt 1456725 2013-03-14 23:48:06Z kkolinko $
===================================================
Running The Apache Tomcat @VERSION_MAJOR_MINOR@ Servlet/JSP Container
......@@ -314,6 +314,8 @@ The file will look like the following:
<?xml version="1.0" encoding="UTF-8"?>
<Context docBase="${catalina.home}/webapps/manager"
antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.0\.0\.1" />
</Context>
See Deployer chapter in User Guide and Context and Host chapters in the
......
......@@ -48,3 +48,10 @@ PATCHES PROPOSED TO BACKPORT:
http://svn.apache.org/viewvc?rev=1430602&view=rev
+1: markt
-1:
* Back-port r1437083 from trunk.
http://svn.apache.org/viewvc?view=revision&revision=1437083
Adds SSLContext.clearOptions method to allow clearing of SSL_OP_* options
in OpenSSL.
This will require tcnative 1.1.25 or errors may be thrown when attempting
to call this method.
......@@ -94,7 +94,7 @@
# Example (all one line)
# LOGGING_MANAGER="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
#
# $Id: catalina.sh 1202062 2011-11-15 06:50:02Z mturk $
# $Id: catalina.sh 1449412 2013-02-23 21:31:48Z kkolinko $
# -----------------------------------------------------------------------------
# OS specific support. $var _must_ be set to either true or false.
......@@ -228,9 +228,7 @@ if [ -z "$LOGGING_CONFIG" ]; then
fi
if [ -z "$LOGGING_MANAGER" ]; then
JAVA_OPTS="$JAVA_OPTS -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
else
JAVA_OPTS="$JAVA_OPTS $LOGGING_MANAGER"
LOGGING_MANAGER="-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
fi
# Uncomment the following line to make the umask available when using the
......@@ -283,7 +281,7 @@ if [ "$1" = "debug" ] ; then
echo "Using Security Manager"
fi
shift
exec "$_RUNJDB" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
exec "$_RUNJDB" "$LOGGING_CONFIG" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-sourcepath "$CATALINA_HOME"/../../java \
-Djava.security.manager \
......@@ -293,7 +291,7 @@ if [ "$1" = "debug" ] ; then
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap "$@" start
else
exec "$_RUNJDB" "$LOGGING_CONFIG" $JAVA_OPTS $CATALINA_OPTS \
exec "$_RUNJDB" "$LOGGING_CONFIG" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" -classpath "$CLASSPATH" \
-sourcepath "$CATALINA_HOME"/../../java \
-Dcatalina.base="$CATALINA_BASE" \
......@@ -311,7 +309,7 @@ elif [ "$1" = "run" ]; then
echo "Using Security Manager"
fi
shift
eval exec \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $JAVA_OPTS $CATALINA_OPTS \
eval exec \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Djava.security.manager \
-Djava.security.policy==\"$CATALINA_BASE/conf/catalina.policy\" \
......@@ -320,7 +318,7 @@ elif [ "$1" = "run" ]; then
-Djava.io.tmpdir=\"$CATALINA_TMPDIR\" \
org.apache.catalina.startup.Bootstrap "$@" start
else
eval exec \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $JAVA_OPTS $CATALINA_OPTS \
eval exec \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Dcatalina.base=\"$CATALINA_BASE\" \
-Dcatalina.home=\"$CATALINA_HOME\" \
......@@ -375,7 +373,7 @@ elif [ "$1" = "start" ] ; then
echo "Using Security Manager"
fi
shift
eval \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $JAVA_OPTS $CATALINA_OPTS \
eval \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Djava.security.manager \
-Djava.security.policy==\"$CATALINA_BASE/conf/catalina.policy\" \
......@@ -386,7 +384,7 @@ elif [ "$1" = "start" ] ; then
>> "$CATALINA_OUT" 2>&1 "&"
else
eval \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $JAVA_OPTS $CATALINA_OPTS \
eval \"$_RUNJAVA\" \"$LOGGING_CONFIG\" $LOGGING_MANAGER $JAVA_OPTS $CATALINA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Dcatalina.base=\"$CATALINA_BASE\" \
-Dcatalina.home=\"$CATALINA_HOME\" \
......@@ -436,7 +434,7 @@ elif [ "$1" = "stop" ] ; then
fi
fi
eval \"$_RUNJAVA\" $JAVA_OPTS \
eval \"$_RUNJAVA\" $LOGGING_MANAGER $JAVA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Dcatalina.base=\"$CATALINA_BASE\" \
-Dcatalina.home=\"$CATALINA_HOME\" \
......@@ -489,7 +487,7 @@ elif [ "$1" = "stop" ] ; then
elif [ "$1" = "configtest" ] ; then
eval \"$_RUNJAVA\" $JAVA_OPTS \
eval \"$_RUNJAVA\" $LOGGING_MANAGER $JAVA_OPTS \
-Djava.endorsed.dirs=\"$JAVA_ENDORSED_DIRS\" -classpath \"$CLASSPATH\" \
-Dcatalina.base=\"$CATALINA_BASE\" \
-Dcatalina.home=\"$CATALINA_HOME\" \
......
......@@ -21,13 +21,13 @@
# modules that Tomcat depends on. Copy this file to "build.properties"
# in the top-level source directory, and customize it as needed.
#
# $Id: build.properties.default 1431695 2013-01-10 22:12:08Z markt $
# $Id: build.properties.default 1459741 2013-03-22 12:32:01Z markt $
# -----------------------------------------------------------------------------
# ----- Version Control Flags -----
version.major=7
version.minor=0
version.build=35
version.build=39
version.patch=0
version.suffix=
......@@ -132,7 +132,7 @@ jdt.loc.1=http://archive.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj
jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops4/${jdt.release}/ecj-${jdt.version}.jar
# ----- Tomcat native library -----
tomcat-native.version=1.1.24
tomcat-native.version=1.1.27
tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
......@@ -161,7 +161,7 @@ nsis.nsisdl.dll=${nsis.home}/Plugins/NSISdl.dll
nsis.loc=${base-sf.loc}/nsis/nsis-2.46.zip
# ----- Commons Daemon, version 1.0-Alpha or later -----
commons-daemon.version=1.0.10
commons-daemon.version=1.0.14
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
commons-daemon.native.win.home=${commons-daemon.home}/windows
......@@ -175,7 +175,7 @@ commons-daemon.native.src.loc.2=${base-commons.loc.2}/daemon/source/commons-daem
commons-daemon.native.win.loc.1=${base-commons.loc.1}/daemon/binaries/windows/commons-daemon-${commons-daemon.version}-bin-windows.zip
commons-daemon.native.win.loc.2=${base-commons.loc.2}/daemon/binaries/windows/commons-daemon-${commons-daemon.version}-bin-windows.zip
# ----- JUnit Unit Test Suite, version 3.7 or later -----
# ----- JUnit Unit Test Suite, version 4.8 or later -----
junit.home=${base.path}/junit4.8.2
junit.lib=${junit.home}
junit.jar=${junit.lib}/junit-4.8.2.jar
......
......@@ -1662,7 +1662,7 @@ Apache Tomcat ${version} native binaries for Win64 AMD64/EMT64 platform.
<link href="../jspapi"/>
<link href="../elapi"/>
<link href="http://docs.oracle.com/javase/6/docs/api/"/>
<link href="http://commons.apache.org/io/api-release/"/>
<link href="http://commons.apache.org/proper/commons-io/javadocs/api-release/"/>
<link href="http://docs.oracle.com/javaee/6/api/"/>
<sourcepath>
<path location="${tomcat.dist}/src/java"/>
......
......@@ -87,9 +87,6 @@ shared.loader=
# - Jasper JARs
# - Tomcat JARs
# - Common non-Tomcat JARs
# - Sun JDK JARs
# - OpenJDK JARs
# - Apple JDK JARs
tomcat.util.scan.DefaultJarScanner.jarsToSkip=\
bootstrap.jar,commons-daemon.jar,tomcat-juli.jar,\
annotations-api.jar,el-api.jar,jsp-api.jar,servlet-api.jar,\
......@@ -109,13 +106,6 @@ geronimo-spec-jaxrpc*.jar,wsdl4j*.jar,\
ant.jar,ant-junit*.jar,aspectj*.jar,jmx.jar,h2*.jar,hibernate*.jar,httpclient*.jar,\
jmx-tools.jar,jta*.jar,log4j*.jar,mail*.jar,slf4j*.jar,\
xercesImpl.jar,xmlParserAPIs.jar,xml-apis.jar,\
access-bridge.jar,access-bridge-64.jar,dnsns.jar,jaccess.jar,ldapsec.jar,localedata.jar,\
sunjce_provider.jar,sunmscapi.jar,sunpkcs11.jar,jhall.jar,tools.jar,\
sunec.jar,zipfs.jar,\
gnome-java-bridge.jar,pulse-java.jar,\
apple_provider.jar,AppleScriptEngine.jar,CoreAudio.jar,dns_sd.jar,\
j3daudio.jar,j3dcore.jar,j3dutils.jar,jai_core.jar,jai_codec.jar,\
mlibwrapper_jai.jar,MRJToolkit.jar,vecmath.jar,\
junit.jar,junit-*.jar,ant-launcher.jar
# Additional JARs (over and above the default JARs listed above) to skip when
......
......@@ -750,8 +750,12 @@ class NoBodyResponse extends HttpServletResponseWrapper {
// file private
void setContentLength() {
if (!didSetContentLength)
super.setContentLength(noBody.getContentLength());
if (!didSetContentLength) {
if (writer != null) {
writer.flush();
}
super.setContentLength(noBody.getContentLength());
}
}
......
......@@ -21,24 +21,87 @@ import java.io.InputStream;
import java.util.Collection;
/**
* This class represents a part as uploaded to the server as part of a
* <code>multipart/form-data</code> request body. The part may represent either
* an uploaded file or form data.
*
* @since Servlet 3.0
* TODO SERVLET3 - Add comments
*/
public interface Part {
/**
* Obtain an <code>InputStream</code> that can be used to retrieve the
* contents of the file.
*/
public InputStream getInputStream() throws IOException;
/**
* Obtain the content type passed by the browser or <code>null</code> if not
* defined.
*/
public String getContentType();
/**
* Obtain the name of the field in the multipart form corresponding to this
* part.
*/
public String getName();
/**
* Obtain the size of this part.
*/
public long getSize();
/**
* A convenience method to write an uploaded part to disk. The client code
* is not concerned with whether or not the part is stored in memory, or on
* disk in a temporary location. They just want to write the uploaded part
* to a file.
*
* This method is not guaranteed to succeed if called more than once for
* the same part. This allows a particular implementation to use, for
* example, file renaming, where possible, rather than copying all of the
* underlying data, thus gaining a significant performance benefit.
*
* @param fileName The location into which the uploaded part should be
* stored. Relative locations are relative to {@link
* javax.servlet.MultipartConfigElement#getLocation()}
*/
public void write(String fileName) throws IOException;
/**
* Deletes the underlying storage for a part, including deleting any
* associated temporary disk file. Although the container will delete this
* storage automatically this method can be used to ensure that this is done
* at an earlier time, thus preserving system resources.
* <p>
* Containers are only required to delete the associated storage when the
* Part instance is garbage collected. Apache Tomcat will delete the
* associated storage when the associated request has finished processing.
* Behaviour of other containers may be different.
*/
public void delete() throws IOException;
/**
* Obtains the value of the specified mime header for the part.
* @param name Header name
* @return The header value or <code>null</code> if the header is not
* present
* Obtains the value of the specified part header as a String. If there are
* multiple headers with the same name, this method returns the first header
* in the part. The header name is case insensitive.
*
* @param name Header name
* @return The header value or <code>null</code> if the header is not
* present
*/
public String getHeader(String name);
/**
* Obtain all the values of the specified part header. If the part did not
* include any headers of the specified name, this method returns an empty
* Collection. The header name is case insensitive.
*/
public Collection<String> getHeaders(String name);
/**
* Returns a Collection of all the header names provided for this part.
*/
public Collection<String> getHeaderNames();
}
......@@ -26,9 +26,9 @@ import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.Charset;
import org.apache.catalina.util.Base64;
import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
......@@ -39,7 +39,7 @@ import org.apache.tools.ant.Project;
* undeploying applications. These tasks require Ant 1.4 or later.
*
* @author Craig R. McClanahan
* @version $Id: AbstractCatalinaTask.java 1138019 2011-06-21 14:29:49Z markt $
* @version $Id: AbstractCatalinaTask.java 1459346 2013-03-21 15:05:54Z markt $
* @since 4.1
*/
......@@ -201,8 +201,8 @@ public abstract class AbstractCatalinaTask extends BaseRedirectorHelperTask {
// Set up an authorization header with our credentials
String input = username + ":" + password;
String output =
Base64.encode(input.getBytes(Charset.defaultCharset()));
String output = Base64.encodeBase64String(
input.getBytes(B2CConverter.ISO_8859_1));
hconn.setRequestProperty("Authorization",
"Basic " + output);
......
......@@ -27,12 +27,12 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.util.Base64;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.B2CConverter;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.CharChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.codec.binary.Base64;
......@@ -42,7 +42,7 @@ import org.apache.tomcat.util.buf.MessageBytes;
* and Digest Access Authentication."
*
* @author Craig R. McClanahan
* @version $Id: BasicAuthenticator.java 1189224 2011-10-26 14:02:40Z kkolinko $
* @version $Id: BasicAuthenticator.java 1459346 2013-03-21 15:05:54Z markt $
*/
public class BasicAuthenticator
......@@ -135,21 +135,29 @@ public class BasicAuthenticator
ByteChunk authorizationBC = authorization.getByteChunk();
if (authorizationBC.startsWithIgnoreCase("basic ", 0)) {
authorizationBC.setOffset(authorizationBC.getOffset() + 6);
// FIXME: Add trimming
// authorizationBC.trim();
CharChunk authorizationCC = authorization.getCharChunk();
Base64.decode(authorizationBC, authorizationCC);
byte[] decoded = Base64.decodeBase64(
authorizationBC.getBuffer(),
authorizationBC.getOffset(),
authorizationBC.getLength());
// Get username and password
int colon = authorizationCC.indexOf(':');
int colon = -1;
for (int i = 0; i < decoded.length; i++) {
if (decoded[i] == ':') {
colon = i;
break;
}
}
if (colon < 0) {
username = authorizationCC.toString();
username = new String(decoded, B2CConverter.ISO_8859_1);
} else {
char[] buf = authorizationCC.getBuffer();
username = new String(buf, 0, colon);
password = new String(buf, colon + 1,
authorizationCC.getEnd() - colon - 1);
username = new String(
decoded, 0, colon, B2CConverter.ISO_8859_1);
password = new String(
decoded, colon + 1, decoded.length - colon - 1,
B2CConverter.ISO_8859_1);
}
authorizationBC.setOffset(authorizationBC.getOffset() - 6);
......
......@@ -50,7 +50,7 @@ import org.apache.tomcat.util.http.parser.HttpParser;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
* @version $Id: DigestAuthenticator.java 1405416 2012-11-03 20:55:42Z markt $
* @version $Id: DigestAuthenticator.java 1443407 2013-02-07 11:03:34Z markt $
*/
public class DigestAuthenticator extends AuthenticatorBase {
......@@ -113,6 +113,14 @@ public class DigestAuthenticator extends AuthenticatorBase {
protected Map<String,NonceInfo> nonces;
/**
* The last timestamp used to generate a nonce. Each nonce should get a
* unique timestamp.
*/
protected long lastTimestamp = 0;
protected final Object lastTimestampLock = new Object();
/**
* Maximum number of server nonces to keep in the cache. If not specified,
* the default value of 1000 is used.
......@@ -399,6 +407,13 @@ public class DigestAuthenticator extends AuthenticatorBase {
long currentTime = System.currentTimeMillis();
synchronized (lastTimestampLock) {
if (currentTime > lastTimestamp) {
lastTimestamp = currentTime;
} else {
currentTime = ++lastTimestamp;
}
}
String ipTimeKey =
request.getRemoteAddr() + ":" + currentTime + ":" + getKey();
......
......@@ -52,7 +52,7 @@ import org.apache.tomcat.util.http.MimeHeaders;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
* @version $Id: FormAuthenticator.java 1408044 2012-11-11 16:42:02Z kkolinko $
* @version $Id: FormAuthenticator.java 1453546 2013-03-06 20:48:18Z markt $
*/
public class FormAuthenticator
......@@ -539,6 +539,16 @@ public class FormAuthenticator
return (false);
}
// Swallow any request body since we will be replacing it
// Need to do this before headers are restored as AJP connector uses
// content length header to determine how much data needs to be read for
// request body
byte[] buffer = new byte[4096];
InputStream is = request.createInputStream();
while (is.read(buffer) >= 0) {
// Ignore request body
}
// Modify our current request to reflect the original one
request.clearCookies();
Iterator<Cookie> cookies = saved.getCookies();
......@@ -576,13 +586,6 @@ public class FormAuthenticator
request.getCoyoteRequest().getParameters().setQueryStringEncoding(
request.getConnector().getURIEncoding());
// Swallow any request body since we will be replacing it
byte[] buffer = new byte[4096];
InputStream is = request.createInputStream();
while (is.read(buffer) >= 0) {
// Ignore request body
}
ByteChunk body = saved.getBody();
if (body != null) {
......
......@@ -55,7 +55,7 @@ import org.apache.tomcat.util.res.StringManager;
* </ul>
*
* @author Craig R. McClanahan
* @version $Id: SingleSignOn.java 1188401 2011-10-24 21:50:26Z markt $
* @version $Id: SingleSignOn.java 1439783 2013-01-29 08:29:57Z kfujino $
*/
public class SingleSignOn extends ValveBase implements SessionListener {
......@@ -214,6 +214,10 @@ public class SingleSignOn extends ValveBase implements SessionListener {
@Override
public void sessionEvent(SessionEvent event) {
if (!getState().isAvailable()) {
return;
}
// We only care about session destroyed events
if (!Session.SESSION_DESTROYED_EVENT.equals(event.getType())
&& (!Session.SESSION_PASSIVATED_EVENT.equals(event.getType())))
......@@ -238,7 +242,8 @@ public class SingleSignOn extends ValveBase implements SessionListener {
if (((session.getMaxInactiveInterval() > 0)
&& (System.currentTimeMillis() - session.getThisAccessedTimeInternal() >=
session.getMaxInactiveInterval() * 1000))
|| (Session.SESSION_PASSIVATED_EVENT.equals(event.getType()))) {
|| (Session.SESSION_PASSIVATED_EVENT.equals(event.getType()))
|| (!session.getManager().getContainer().getState().isAvailable())) {
removeSession(ssoId, session);
} else {
// The session was logged out.
......
......@@ -32,11 +32,11 @@ import org.apache.catalina.LifecycleException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.startup.Bootstrap;
import org.apache.catalina.util.Base64;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.codec.binary.Base64;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
......@@ -190,13 +190,12 @@ public class SpnegoAuthenticator extends AuthenticatorBase {
}
authorizationBC.setOffset(authorizationBC.getOffset() + 10);
// FIXME: Add trimming
// authorizationBC.trim();
ByteChunk decoded = new ByteChunk();
Base64.decode(authorizationBC, decoded);
byte[] decoded = Base64.decodeBase64(authorizationBC.getBuffer(),
authorizationBC.getOffset(),
authorizationBC.getLength());
if (decoded.getLength() == 0) {
if (decoded.length == 0) {
if (log.isDebugEnabled()) {
log.debug(sm.getString(
"spnegoAuthenticator.authHeaderNoToken"));
......@@ -235,8 +234,7 @@ public class SpnegoAuthenticator extends AuthenticatorBase {
};
gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));
outToken = gssContext.acceptSecContext(decoded.getBytes(),
decoded.getOffset(), decoded.getLength());
outToken = gssContext.acceptSecContext(decoded, 0, decoded.length);
if (outToken == null) {
if (log.isDebugEnabled()) {
......@@ -283,7 +281,7 @@ public class SpnegoAuthenticator extends AuthenticatorBase {
// Send response token on success and failure
response.setHeader("WWW-Authenticate", "Negotiate "
+ Base64.encode(outToken));
+ Base64.encodeBase64String(outToken));
if (principal != null) {
register(request, response, principal, Constants.SPNEGO_METHOD,
......
......@@ -23,6 +23,7 @@ import java.util.EnumSet;
import javax.servlet.RequestDispatcher;
import javax.servlet.SessionTrackingMode;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Context;
import org.apache.catalina.Host;
......@@ -55,7 +56,7 @@ import org.apache.tomcat.util.res.StringManager;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
* @version $Id: CoyoteAdapter.java 1409036 2012-11-13 23:55:26Z markt $
* @version $Id: CoyoteAdapter.java 1452797 2013-03-05 14:04:57Z markt $
*/
public class CoyoteAdapter implements Adapter {
......@@ -980,28 +981,30 @@ public class CoyoteAdapter implements Adapter {
B2CConverter conv = request.getURIConverter();
try {
if (conv == null) {
conv = new B2CConverter(enc);
conv = new B2CConverter(enc, true);
request.setURIConverter(conv);
} else {
conv.recycle();
}
} catch (IOException e) {
// Ignore
log.error("Invalid URI encoding; using HTTP default");
connector.setURIEncoding(null);
}