Skip to content
Commits on Source (4)
Show whitespace changes
Inline Side-by-side
MERGE.txt
View file @ 6d1efd00
......@@ -36,14 +36,14 @@ BCEL
Sub-tree:
src/main/java/org/apache/bcel
The SHA1 ID for the most recent commit to be merged to Tomcat is:
33b9f8718ac00b2cbbcc3bf498e55872a3066f19 (2019-04-27)
4b760bb53b57b704006a0a33f7ec187b7e7f5ebc (2019-08-01)
Codec
-----
Sub-tree:
src/main/java/org/apache/commons/codec
The SHA1 ID for the most recent commit to be merged to Tomcat is:
8502e2f14a6eafb0afa0964b34d1d1bb02b44f64 (2019-04-23)
3ebef4ad92e31697fb52ca7cc71904c68654c2c8 (2019-08-01)
Note: Only classes required for Base64 encoding/decoding. The rest are removed.
FileUpload
......@@ -51,7 +51,7 @@ FileUpload
Sub-tree:
src/main/java/org/apache/commons/fileupload2
The SHA1 ID for the most recent commit to be merged to Tomcat is:
41e40479f3000dc456d27951060fda01b87fbe9a (2019-04-24)
9958ea2426ec5682a7c929a13372c04426ee3818 (2019-08-01)
Note: Tomcat's copy of fileupload also includes classes copied manually from
Commons IO.
......@@ -63,10 +63,10 @@ Sub-tree
src/main/java/org/apache/commons/dbcp2
src/main/resources/org/apache/commons/dbcp2
The SHA1 ID for the most recent commit to be merged to Tomcat is:
dcdbc72acf51155d2a6c3f10461d9712a3623686 (2019-04-24)
4813b7f5456c1f4fecc4f701ac731a71f57db249 (2019-08-09)
Pool2
Sub-tree
src/main/java/org/apache/commons/pool2
The SHA1 ID for the most recent commit to be merged to Tomcat is:
0664f4dac9ef653703624cbe67272134cf0151cb (2019-04-30)
796e32d53cc0d870ba0db3a7faf4c5b24ff76f3f (2019-08-01)
bin/catalina.sh
View file @ 6d1efd00
......@@ -514,7 +514,7 @@ elif [ "$1" = "stop" ] ; then
fi
fi
eval "\"$_RUNJAVA\"" $JAVA_OPTS \
eval "\"$_RUNJAVA\"" $LOGGING_MANAGER $JAVA_OPTS \
-D$ENDORSED_PROP="\"$JAVA_ENDORSED_DIRS\"" \
-classpath "\"$CLASSPATH\"" \
-Dcatalina.base="\"$CATALINA_BASE\"" \
......
bin/service.bat
View file @ 6d1efd00
......@@ -17,33 +17,91 @@ rem limitations under the License.
rem ---------------------------------------------------------------------------
rem NT Service Install/Uninstall script
rem
rem Usage: service.bat install/remove [service_name [--rename]] [--user username]
rem
rem Options
rem install Install the service using Tomcat@VERSION_MAJOR@ as service name.
rem Service is installed using default settings.
rem remove Remove the service from the System.
rem install Install the service using default settings.
rem remove Remove the service from the system.
rem
rem service_name (optional) The name to use for the service. If not specified,
rem Tomcat@VERSION_MAJOR@ is used as the service name.
rem
rem name (optional) If the second argument is present it is considered
rem to be new service name
rem --rename (optional) Rename tomcat@VERSION_MAJOR@.exe and tomcat@VERSION_MAJOR@w.exe to match
rem the non-default service name.
rem
rem username (optional) The name of the OS user to use to install/remove
rem the service (not the name of the OS user the
rem service will run as). If not specified, the current
rem user is used.
rem ---------------------------------------------------------------------------
setlocal
set "SELF=%~dp0%service.bat"
rem Guess CATALINA_HOME if not defined
set DEFAULT_SERVICE_NAME=Tomcat@VERSION_MAJOR@
set SERVICE_NAME=%DEFAULT_SERVICE_NAME%
set "CURRENT_DIR=%cd%"
rem Parse the arguments
if "x%1x" == "xx" goto displayUsage
set SERVICE_CMD=%1
shift
if "x%1x" == "xx" goto checkEnv
:checkUser
if "x%1x" == "x/userx" goto runAsUser
if "x%1x" == "x--userx" goto runAsUser
set SERVICE_NAME=%1
shift
if "x%1x" == "xx" goto checkEnv
if "x%1x" == "x--renamex" (
set RENAME=%1
shift
)
if "x%1x" == "xx" goto checkEnv
goto checkUser
:runAsUser
shift
if "x%1x" == "xx" goto displayUsage
set SERVICE_USER=%1
shift
runas /env /savecred /user:%SERVICE_USER% "%COMSPEC% /K \"%SELF%\" %SERVICE_CMD% %SERVICE_NAME%"
goto end
rem Check the environment
:checkEnv
rem Guess CATALINA_HOME if not defined
if not "%CATALINA_HOME%" == "" goto gotHome
set "CATALINA_HOME=%cd%"
if exist "%CATALINA_HOME%\bin\tomcat@VERSION_MAJOR@.exe" goto okHome
if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" goto okHome
if exist "%CATALINA_HOME%\bin\%SERVICE_NAME%.exe" goto okHome
rem CD to the upper dir
cd ..
set "CATALINA_HOME=%cd%"
:gotHome
if exist "%CATALINA_HOME%\bin\tomcat@VERSION_MAJOR@.exe" goto okHome
echo The tomcat@VERSION_MAJOR@.exe was not found...
echo The CATALINA_HOME environment variable is not defined correctly.
echo This environment variable is needed to run this program
if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
set "EXECUTABLE=%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe"
goto okHome
)
if exist "%CATALINA_HOME%\bin\%SERVICE_NAME%.exe" (
set "EXECUTABLE=%CATALINA_HOME%\bin\%SERVICE_NAME%.exe"
goto okHome
)
if "%DEFAULT_SERVICE_NAME%"== "%SERVICE_NAME%" (
echo The file %DEFAULT_SERVICE_NAME%.exe was not found...
) else (
echo Neither the %DEFAULT_SERVICE_NAME%.exe file nor the %SERVICE_NAME%.exe file was found...
)
echo Either the CATALINA_HOME environment variable is not defined correctly or
echo the incorrect service name has been used.
echo Both the CATALINA_HOME environment variable and the correct service name
echo are required to run this program.
goto end
:okHome
cd "%CURRENT_DIR%"
rem Make sure prerequisite environment variables are set
if not "%JAVA_HOME%" == "" goto gotJdkHome
if not "%JRE_HOME%" == "" goto gotJreHome
......@@ -75,12 +133,6 @@ if not "%CATALINA_BASE%" == "" goto gotBase
set "CATALINA_BASE=%CATALINA_HOME%"
:gotBase
set "EXECUTABLE=%CATALINA_HOME%\bin\tomcat@VERSION_MAJOR@.exe"
rem Set default Service name
set SERVICE_NAME=Tomcat@VERSION_MAJOR@
set DISPLAYNAME=Apache Tomcat @VERSION_MAJOR_MINOR@ %SERVICE_NAME%
rem Java 9 no longer supports the java.endorsed.dirs
rem system property. Only try to use it if
rem JAVA_ENDORSED_DIRS was explicitly set
......@@ -94,33 +146,14 @@ if not exist "%CATALINA_HOME%\endorsed" goto doneEndorsed
set ENDORSED_PROP=java.endorsed.dirs
:doneEndorsed
if "x%1x" == "xx" goto displayUsage
set SERVICE_CMD=%1
shift
if "x%1x" == "xx" goto checkServiceCmd
:checkUser
if "x%1x" == "x/userx" goto runAsUser
if "x%1x" == "x--userx" goto runAsUser
set SERVICE_NAME=%1
set DISPLAYNAME=Apache Tomcat @VERSION_MAJOR_MINOR@ %1
shift
if "x%1x" == "xx" goto checkServiceCmd
goto checkUser
:runAsUser
shift
if "x%1x" == "xx" goto displayUsage
set SERVICE_USER=%1
shift
runas /env /savecred /user:%SERVICE_USER% "%COMSPEC% /K \"%SELF%\" %SERVICE_CMD% %SERVICE_NAME%"
goto end
:checkServiceCmd
rem Process the requested command
if /i %SERVICE_CMD% == install goto doInstall
if /i %SERVICE_CMD% == remove goto doRemove
if /i %SERVICE_CMD% == uninstall goto doRemove
echo Unknown parameter "%SERVICE_CMD%"
:displayUsage
echo.
echo Usage: service.bat install/remove [service_name] [/user username]
echo Usage: service.bat install/remove [service_name [--rename]] [--user username]
goto end
:doRemove
......@@ -135,6 +168,10 @@ echo Failed removing '%SERVICE_NAME%' service
goto end
:removed
echo The service '%SERVICE_NAME%' has been removed
if exist "%CATALINA_HOME%\bin\%SERVICE_NAME%.exe" (
rename "%SERVICE_NAME%.exe" "%DEFAULT_SERVICE_NAME%.exe"
rename "%SERVICE_NAME%w.exe" "%DEFAULT_SERVICE_NAME%w.exe"
)
goto end
:doInstall
......@@ -163,6 +200,14 @@ if "%SERVICE_STARTUP_MODE%" == "" set SERVICE_STARTUP_MODE=manual
if "%JvmMs%" == "" set JvmMs=128
if "%JvmMx%" == "" set JvmMx=256
if exist "%CATALINA_HOME%\bin\%DEFAULT_SERVICE_NAME%.exe" (
if "x%RENAME%x" == "x--renamex" (
rename "%DEFAULT_SERVICE_NAME%.exe" "%SERVICE_NAME%.exe"
rename "%DEFAULT_SERVICE_NAME%w.exe" "%SERVICE_NAME%w.exe"
set "EXECUTABLE=%CATALINA_HOME%\bin\%SERVICE_NAME%.exe"
)
)
"%EXECUTABLE%" //IS//%SERVICE_NAME% ^
--Description "Apache Tomcat @VERSION@ Server - https://tomcat.apache.org/" ^
--DisplayName "%DISPLAYNAME%" ^
......@@ -192,4 +237,3 @@ goto end
echo The service '%SERVICE_NAME%' has been installed.
:end
cd "%CURRENT_DIR%"
build.properties.default
View file @ 6d1efd00
......@@ -25,7 +25,7 @@
# ----- Version Control Flags -----
version.major=9
version.minor=0
version.build=22
version.build=24
version.patch=0
version.suffix=
......@@ -97,6 +97,7 @@ base-commons.loc.2=${base-apache.loc.2}/commons
base-tomcat.loc.1=${base-apache.loc.1}/tomcat
base-tomcat.loc.2=${base-apache.loc.2}/tomcat
base-gh.loc=https://github.com
base-sf.loc=https://downloads.sourceforge.net
# repo.maven.apache.org is the same as repo2.maven.org
base-maven.loc=https://repo.maven.apache.org/maven2
......@@ -170,21 +171,21 @@ nsis.system.dll=${nsis.home}/Plugins/${nsis.arch.dir}System.dll
nsis.nsdialogs.dll=${nsis.home}/Plugins/${nsis.arch.dir}nsDialogs.dll
nsis.loc=${base-sf.loc}/nsis/nsis-${nsis.version}.zip
# ----- Commons Daemon, version 1.1.0 or later -----
commons-daemon.version=1.1.0
# ----- Commons Daemon, version 1.2.0 or later -----
commons-daemon.version=1.2.0
# checksum for commons-daemon-1.1.0-bin.tar.gz
# checksum for commons-daemon-1.2.0-bin.tar.gz
commons-daemon.bin.checksum.enabled=true
commons-daemon.bin.checksum.algorithm=SHA-512
commons-daemon.bin.checksum.value=43c33e52e0be11e73370083500592ee9df0431c3166dbc7ed95794cabb462ac2a140e3eb4bbe2a0b99882bb93d9244ff534f13e4933c13e7a31a37e58e0c8e1d
commons-daemon.bin.checksum.value=81fbbd1115d735232bbcc426d958bd8fe149c97bfe96df1549a19332afd4954f3f75c3a693f214bfef065931a1d79c528dfb2cefb1bb3628d211e1761814c23b
# checksums for commons-daemon-1.1.0-native-src.tar.gz, commons-daemon-1.1.0-bin-windows.zip
# checksums for commons-daemon-1.1.0-native-src.tar.gz, commons-daemon-1.2.0-bin-windows.zip
commons-daemon.native.src.checksum.enabled=true
commons-daemon.native.src.checksum.algorithm=SHA-512
commons-daemon.native.src.checksum.value=3443f1c95a4b267c4387a9ac7c79315422a51e896c0bcea48fbe959bc301094770aa8065b2388a84760a3e07e5d1753c2b351336fb2d3a8c996ee14d32088f6e
commons-daemon.native.src.checksum.value=c37f506b129b8a0efface6745dcc6d0d9d3e2663d28eca0df9903301f0b9b65fd8306e361935887fb459daf0a29da6fa63ea60f742ce4e497dc53a2a2d86db12
commons-daemon.native.win.checksum.enabled=true
commons-daemon.native.win.checksum.algorithm=SHA-512
commons-daemon.native.win.checksum.value=10cda04d9a44286cb67107fdb9d20958013f075cad4accba048801f3677765c334dc16f6901e1d2e4a9df5a2c702797370de63393568df6fceb9e7902421f9ea
commons-daemon.native.win.checksum.value=8b6e0bb4172861338e0cb3238f6da715c3cef04a88e8bfab0cbb487ef638aa69fd34de9407b0b2ed54451fbbcbff8a999324289052a581a5d07d6f6ff84a83b6
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
......@@ -245,14 +246,13 @@ objenesis.jar=${objenesis.home}/objenesis-${objenesis.version}.jar
objenesis.loc=${base-maven.loc}/org/objenesis/objenesis/${objenesis.version}/objenesis-${objenesis.version}.jar
# ----- Checkstyle, version 6.16 or later -----
# Checksums are available at https://sourceforge.net/projects/checkstyle/files/OldFiles/6.17/
checkstyle.version=6.17
checkstyle.version=8.22
checkstyle.checksum.enabled=true
checkstyle.checksum.algorithm=MD5|SHA-1
checkstyle.checksum.value=9180ab8b8219b262bfe88f26fd95d26d|11a02d7b0374f8a82fbd76361a69756faa6aefa0
checkstyle.checksum.algorithm=SHA-512
checkstyle.checksum.value=d595e284ec440e20367b93a1835357f1c4c2cf77af4589caafdaa995aa9e8a341716ad59f5222fff484275f23c11beb71ad58792cc6cdbdb261e320724b9418f
checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
checkstyle.loc=${base-sf.loc}/checkstyle/checkstyle/${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
checkstyle.loc=${base-gh.loc}/checkstyle/checkstyle/releases/download/checkstyle-${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
# ----- Cobertura code coverage tool -----
cobertura.version=2.1.1
......@@ -261,7 +261,7 @@ cobertura.checksum.algorithm=MD5|SHA-1
cobertura.checksum.value=4f46638aa8e4d89565c038092398ea06|99cb44d36555feedcedc46263c23c2f5394ef342
cobertura.home=${base.path}/cobertura-${cobertura.version}
cobertura.jar=${cobertura.home}/cobertura-${cobertura.version}.jar
cobertura.loc=${base-sf.loc}/cobertura/cobertura-2.1.1-bin.tar.gz
cobertura.loc=${base-sf.loc}/cobertura/cobertura-${cobertura.version}-bin.tar.gz
# ----- Findbugs -----
findbugs.version=3.1.12
......@@ -285,16 +285,16 @@ saaj-api.loc=${base-maven.loc}/javax/xml/soap/saaj-api/${saaj-api.version}/saaj-
# ----- bnd & bndlib, version 4.0.0 or later -----
# ----- provides OSGI metadata for JARs -----
bnd.version=4.0.0
bnd.version=4.2.0
# checksums for biz.aQute.bnd-4.0.0.jar, biz.aQute.bndlib-4.0.0.jar
bnd.checksum.enabled=true
bnd.checksum.algorithm=MD5|SHA-1
bnd.checksum.value=ddf578a4413ffa0eb6dc5b9476318fe2|fa7746eb710852498ce1afe5227be3fbfddaf09e
bnd.checksum.value=ca26a671ea67bf75d83b1588bdd68923|d4bc96b2619f95e596bbf3f725f3b077e96c5d43
bndlib.checksum.enabled=true
bndlib.checksum.algorithm=MD5|SHA-1
bndlib.checksum.value=7aa264bf3b6b32a11eea4a6cf43a9aaa|21e1d6fd1874d9bc201f2de1d0a48e84bff4149d
bndlib.checksum.value=7519e890783ade99bb74608d0efbf8c4|c4fa30ac11cc0bf27b1f706ac8ebae8cec358e77
bnd.home=${base.path}/bnd-${bnd.version}
bnd.jar=${bnd.home}/biz.aQute.bnd-${bnd.version}.jar
......
build.xml
View file @ 6d1efd00
......@@ -3269,11 +3269,11 @@ Read the Building page on the Apache Tomcat documentation site for details on ho
<target name="add-osgi" if="${addOSGi}" >
<echo message="add-osgi ${jarfile} ${addOSGi}"></echo>
<bndwrap output="${jarfile}.bnd" definitions="${tomcat.bnd}" >
<bndwrap output="${jarfile}.tmp" definitions="${tomcat.bnd}" >
<fileset file="${jarfile}" />
</bndwrap>
<delete file="${jarfile}" />
<move file="${jarfile}.bnd" tofile="${jarfile}" />
<move file="${jarfile}.tmp" tofile="${jarfile}" />
</target>
<!-- Macro, used to create checksum and signature files -->
......
debian/changelog
View file @ 6d1efd00
tomcat9 (9.0.24-1) unstable; urgency=medium
* New upstream release
- Refreshed the patches
-- Emmanuel Bourg <ebourg@apache.org> Thu, 22 Aug 2019 13:55:14 +0200
tomcat9 (9.0.22-1) unstable; urgency=medium
* New upstream release
......
debian/patches/0026-easymock4-compatibility.patch
View file @ 6d1efd00
......@@ -44,7 +44,43 @@ Forwarded: no
verifyCrawlingLocalhost(valve, "localhost");
verifyCrawlingLocalhost(valve, "example.invalid");
@@ -131,14 +131,14 @@
@@ -103,7 +103,7 @@
valve.setCrawlerUserAgents(valve.getCrawlerUserAgents());
valve.setHostAware(true);
valve.setContextAware(true);
- valve.setNext(EasyMock.createMock(Valve.class));
+ valve.setNext((Valve) EasyMock.createMock(Valve.class));
verifyCrawlingContext(valve, "/examples");
verifyCrawlingContext(valve, null);
@@ -114,7 +114,7 @@
CrawlerSessionManagerValve valve = new CrawlerSessionManagerValve();
valve.setCrawlerIps("216\\.58\\.206\\.174");
valve.setCrawlerUserAgents(valve.getCrawlerUserAgents());
- valve.setNext(EasyMock.createMock(Valve.class));
+ valve.setNext((Valve) EasyMock.createMock(Valve.class));
valve.setSessionInactiveInterval(0);
StandardSession session = new StandardSession(TEST_MANAGER);
session.setId("id");
@@ -124,7 +124,7 @@
EasyMock.replay(request);
- valve.invoke(request, EasyMock.createMock(Response.class));
+ valve.invoke(request, (Response) EasyMock.createMock(Response.class));
EasyMock.verify(request);
@@ -143,7 +143,7 @@
EasyMock.replay(request, session);
- valve.invoke(request, EasyMock.createMock(Response.class));
+ valve.invoke(request, (Response) EasyMock.createMock(Response.class));
EasyMock.verify(request, session);
}
@@ -156,14 +156,14 @@
EasyMock.replay(request, session);
......@@ -61,16 +97,16 @@ Forwarded: no
if (isBot) {
EasyMock.expect(session.getId()).andReturn("id").times(2);
session.setAttribute(EasyMock.eq(valve.getClass().getName()), EasyMock.anyObject(HttpSessionBindingListener.class));
@@ -155,7 +155,7 @@
}
@@ -181,7 +181,7 @@
private Request createRequestExpectations(String ip, HttpSession session, boolean isBot, String hostname, String userAgent) {
private Request createRequestExpectations(String ip, HttpSession session, boolean isBot, String hostname,
String contextPath, String userAgent) {
- Request request = EasyMock.createMock(Request.class);
+ Request request = (Request) EasyMock.createMock(Request.class);
EasyMock.expect(request.getRemoteAddr()).andReturn(ip);
EasyMock.expect(request.getHost()).andReturn(simpleHostWithName(hostname));
EasyMock.expect(request.getContext()).andReturn(simpleContextWithName());
@@ -169,14 +169,14 @@
EasyMock.expect(request.getContext()).andReturn(simpleContextWithName(contextPath));
@@ -195,7 +195,7 @@
}
private Host simpleHostWithName(String hostname) {
......@@ -79,12 +115,13 @@ Forwarded: no
EasyMock.expect(host.getName()).andReturn(hostname);
EasyMock.replay(host);
return host;
@@ -205,7 +205,7 @@
if (contextPath == null) {
return null;
}
private Context simpleContextWithName() {
- Context context = EasyMock.createMock(Context.class);
+ Context context = (Context) EasyMock.createMock(Context.class);
EasyMock.expect(context.getName()).andReturn("/examples");
EasyMock.expect(context.getName()).andReturn(contextPath);
EasyMock.replay(context);
return context;
--- a/test/org/apache/catalina/valves/TestSSLValve.java
......
java/org/apache/catalina/AccessLog.java
View file @ 6d1efd00
......@@ -54,6 +54,13 @@ public interface AccessLog {
public static final String PROTOCOL_ATTRIBUTE =
"org.apache.catalina.AccessLog.Protocol";
/**
* Name of request attribute used to override the server name recorded by
* the AccessLog.
*/
public static final String SERVER_NAME_ATTRIBUTE =
"org.apache.catalina.AccessLog.ServerName";
/**
* Name of request attribute used to override the server port recorded by
* the AccessLog.
......
java/org/apache/catalina/Globals.java
View file @ 6d1efd00
......@@ -199,6 +199,15 @@ public final class Globals {
org.apache.coyote.Constants.REMOTE_ADDR_ATTRIBUTE;
/**
* The request attribute that is set to the value of {@code Boolean.TRUE}
* by the RemoteIpFilter, RemoteIpValve (and other similar components) that identifies
* a request which been forwarded via one or more proxies.
*/
public static final String REQUEST_FORWARDED_ATTRIBUTE =
"org.apache.tomcat.request.forwarded";
public static final String ASYNC_SUPPORTED_ATTR =
"org.apache.catalina.ASYNC_SUPPORTED";
......
java/org/apache/catalina/authenticator/AuthenticatorBase.java
View file @ 6d1efd00
......@@ -53,9 +53,11 @@ import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl;
import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.filters.RemoteIpFilter;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.util.SessionIdGeneratorBase;
import org.apache.catalina.util.StandardSessionIdGenerator;
import org.apache.catalina.valves.RemoteIpValve;
import org.apache.catalina.valves.ValveBase;
import org.apache.coyote.ActionCode;
import org.apache.juli.logging.Log;
......@@ -214,6 +216,19 @@ public abstract class AuthenticatorBase extends ValveBase
*/
protected String jaspicCallbackHandlerClass = null;
/**
* Should the auth information (remote user and auth type) be returned as response
* headers for a forwarded/proxied request? When the {@link RemoteIpValve} or
* {@link RemoteIpFilter} mark a forwarded request with the
* {@link Globals#REQUEST_FORWARDED_ATTRIBUTE} this authenticator can return the
* values of {@link HttpServletRequest#getRemoteUser()} and
* {@link HttpServletRequest#getAuthType()} as reponse headers {@code remote-user}
* and {@code auth-type} to a reverse proxy. This is useful, e.g., for access log
* consistency or other decisions to make.
*/
protected boolean sendAuthInfoResponseHeaders = false;
protected SessionIdGeneratorBase sessionIdGenerator = null;
/**
......@@ -429,6 +444,27 @@ public abstract class AuthenticatorBase extends ValveBase
this.jaspicCallbackHandlerClass = jaspicCallbackHandlerClass;
}
/**
* Returns the flag whether authentication information will be sent to a reverse
* proxy on a forwarded request.
*
* @return {@code true} if response headers shall be sent, {@code false} otherwise
*/
public boolean isSendAuthInfoResponseHeaders() {
return sendAuthInfoResponseHeaders;
}
/**
* Sets the flag whether authentication information will be send to a reverse
* proxy on a forwarded request.
*
* @param sendAuthInfoResponseHeaders {@code true} if response headers shall be
* sent, {@code false} otherwise
*/
public void setSendAuthInfoResponseHeaders(boolean sendAuthInfoResponseHeaders) {
this.sendAuthInfoResponseHeaders = sendAuthInfoResponseHeaders;
}
// --------------------------------------------------------- Public Methods
/**
......@@ -997,6 +1033,12 @@ public abstract class AuthenticatorBase extends ValveBase
request.setAuthType(authType);
request.setUserPrincipal(principal);
if (sendAuthInfoResponseHeaders
&& Boolean.TRUE.equals(request.getAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE))) {
response.setHeader("remote-user", request.getRemoteUser());
response.setHeader("auth-type", request.getAuthType());
}
Session session = request.getSessionInternal(false);
if (session != null) {
......
java/org/apache/catalina/connector/CoyoteAdapter.java
View file @ 6d1efd00
......@@ -727,7 +727,16 @@ public class CoyoteAdapter implements Adapter {
}
// Look for session ID in cookies and SSL session
try {
parseSessionCookiesId(request);
} catch (IllegalArgumentException e) {
// Too many cookies
if (!response.isError()) {
response.setError();
response.sendError(400);
}
return true;
}
parseSessionSslId(request);
sessionID = request.getRequestedSessionId();
......@@ -1138,11 +1147,6 @@ public class CoyoteAdapter implements Adapter {
return false;
}
// URL * is acceptable
if ((end - start == 1) && b[start] == (byte) '*') {
return true;
}
int pos = 0;
int index = 0;
......
java/org/apache/catalina/connector/LocalStrings_fr.properties
View file @ 6d1efd00
......@@ -80,6 +80,7 @@ inputBuffer.streamClosed=Le flux a été fermé
outputBuffer.writeNull=L'argument String dans write(String, int, int) ne doit pas être null
request.asyncNotSupported=Un filtre ou un Servlet de la chaîne actuelle ne supporte pas le mode asynchrone
request.fragmentInDispatchPath=Le fragment dans le chemin de dispatch [{0}] a été enlevé
request.illegalWrap=L'enrobeur de la réponse doit enrober la requête obtenue à partir de getRequest()
request.notAsync=Il est interdit d'appeler cette méthode si la requête actuelle n'est pas en mode asynchrone (isAsyncStarted() a renvoyé false)
......
java/org/apache/catalina/connector/LocalStrings_ko.properties
View file @ 6d1efd00
......@@ -80,6 +80,7 @@ inputBuffer.streamClosed=스트림이 닫혔습니다.
outputBuffer.writeNull=write(String,int,int) 메소드에 전달되는 String 아규먼트는 널일 수 없습니다.
request.asyncNotSupported=현재 체인의 필터 또는 서블릿이, 비동기 오퍼레이션들을 지원하지 않습니다.
request.fragmentInDispatchPath=디스패치 경로 [{0}](으)로부터 URI fragment를 제거했습니다.
request.illegalWrap=요청 wrapper는 반드시 getRequest()로부터 얻어진 요청을 wrap해야 합니다.
request.notAsync=만일 현재의 쓰레드가 비동기 모드에 있지 않다면, 이 메소드를 호출하는 것은 불허됩니다. (즉, isAsyncStarted()가 false를 반환하는 경우)
......
java/org/apache/catalina/connector/OutputBuffer.java
View file @ 6d1efd00
......@@ -58,6 +58,11 @@ public class OutputBuffer extends Writer {
private final Map<Charset, C2BConverter> encoders = new HashMap<>();
/**
* Default buffer size.
*/
private final int defaultBufferSize;
// ----------------------------------------------------- Instance Variables
/**
......@@ -128,6 +133,7 @@ public class OutputBuffer extends Writer {
* @param size Buffer size to use
*/
public OutputBuffer(int size) {
defaultBufferSize = size;
bb = ByteBuffer.allocate(size);
clear(bb);
cb = CharBuffer.allocate(size);
......@@ -188,6 +194,10 @@ public class OutputBuffer extends Writer {
bytesWritten = 0;
charsWritten = 0;
if (bb.capacity() > 16 * defaultBufferSize) {
// Discard buffers which are too large
bb = ByteBuffer.allocate(defaultBufferSize);
}
clear(bb);
clear(cb);
closed = false;
......
java/org/apache/catalina/connector/Request.java
View file @ 6d1efd00
......@@ -852,8 +852,6 @@ public class Request implements HttpServletRequest {
// ------------------------------------------------- ServletRequest Methods
/**
* @return the specified request attribute if it exists; otherwise, return
* <code>null</code>.
......@@ -1045,8 +1043,7 @@ public class Request implements HttpServletRequest {
public ServletInputStream getInputStream() throws IOException {
if (usingReader) {
throw new IllegalStateException
(sm.getString("coyoteRequest.getInputStream.ise"));
throw new IllegalStateException(sm.getString("coyoteRequest.getInputStream.ise"));
}
usingInputStream = true;
......@@ -1208,8 +1205,7 @@ public class Request implements HttpServletRequest {
public BufferedReader getReader() throws IOException {
if (usingInputStream) {
throw new IllegalStateException
(sm.getString("coyoteRequest.getReader.ise"));
throw new IllegalStateException(sm.getString("coyoteRequest.getReader.ise"));
}
// InputBuffer has no easily accessible reference chain to the Context
......@@ -1275,8 +1271,7 @@ public class Request implements HttpServletRequest {
@Override
public String getRemoteAddr() {
if (remoteAddr == null) {
coyoteRequest.action
(ActionCode.REQ_HOST_ADDR_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_HOST_ADDR_ATTRIBUTE, coyoteRequest);
remoteAddr = coyoteRequest.remoteAddr().toString();
}
return remoteAddr;
......@@ -1292,8 +1287,7 @@ public class Request implements HttpServletRequest {
if (!connector.getEnableLookups()) {
remoteHost = getRemoteAddr();
} else {
coyoteRequest.action
(ActionCode.REQ_HOST_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_HOST_ATTRIBUTE, coyoteRequest);
remoteHost = coyoteRequest.remoteHost().toString();
}
}
......@@ -1307,8 +1301,7 @@ public class Request implements HttpServletRequest {
@Override
public int getRemotePort(){
if (remotePort == -1) {
coyoteRequest.action
(ActionCode.REQ_REMOTEPORT_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_REMOTEPORT_ATTRIBUTE, coyoteRequest);
remotePort = coyoteRequest.getRemotePort();
}
return remotePort;
......@@ -1321,8 +1314,7 @@ public class Request implements HttpServletRequest {
@Override
public String getLocalName(){
if (localName == null) {
coyoteRequest.action
(ActionCode.REQ_LOCAL_NAME_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_LOCAL_NAME_ATTRIBUTE, coyoteRequest);
localName = coyoteRequest.localName().toString();
}
return localName;
......@@ -1335,8 +1327,7 @@ public class Request implements HttpServletRequest {
@Override
public String getLocalAddr(){
if (localAddr == null) {
coyoteRequest.action
(ActionCode.REQ_LOCAL_ADDR_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_LOCAL_ADDR_ATTRIBUTE, coyoteRequest);
localAddr = coyoteRequest.localAddr().toString();
}
return localAddr;
......@@ -1350,8 +1341,7 @@ public class Request implements HttpServletRequest {
@Override
public int getLocalPort(){
if (localPort == -1){
coyoteRequest.action
(ActionCode.REQ_LOCALPORT_ATTRIBUTE, coyoteRequest);
coyoteRequest.action(ActionCode.REQ_LOCALPORT_ATTRIBUTE, coyoteRequest);
localPort = coyoteRequest.getLocalPort();
}
return localPort;
......@@ -1514,8 +1504,7 @@ public class Request implements HttpServletRequest {
// Name cannot be null
if (name == null) {
throw new IllegalArgumentException
(sm.getString("coyoteRequest.setAttribute.namenull"));
throw new IllegalArgumentException(sm.getString("coyoteRequest.setAttribute.namenull"));
}
// Null value is the same as removeAttribute()
......@@ -2071,6 +2060,7 @@ public class Request implements HttpServletRequest {
return authType;
}
/**
* Return the portion of the request URI used to select the Context
* of the Request. The value returned is not decoded which also implies it
......@@ -2653,21 +2643,21 @@ public class Request implements HttpServletRequest {
}
Context context = getContext();
if (context != null
&& !context.getServletContext()
if (context != null &&
!context.getServletContext()
.getEffectiveSessionTrackingModes()
.contains(SessionTrackingMode.COOKIE)) {
return;
}
if (response != null) {
Cookie newCookie =
ApplicationSessionCookieConfig.createSessionCookie(context,
Cookie newCookie = ApplicationSessionCookieConfig.createSessionCookie(context,
newSessionId, isSecure());
response.addSessionCookieInternal(newCookie);
}
}
/**
* Changes the session ID of the session associated with this request.
*
......@@ -2804,10 +2794,8 @@ public class Request implements HttpServletRequest {
if (mce == null) {
if(context.getAllowCasualMultipartParsing()) {
mce = new MultipartConfigElement(null,
connector.getMaxPostSize(),
connector.getMaxPostSize(),
connector.getMaxPostSize());
mce = new MultipartConfigElement(null, connector.getMaxPostSize(),
connector.getMaxPostSize(), connector.getMaxPostSize());
} else {
if (explicit) {
partsParseException = new IllegalStateException(
......@@ -2835,8 +2823,7 @@ public class Request implements HttpServletRequest {
location = new File(locationStr);
if (!location.isAbsolute()) {
location = new File(
(File) context.getServletContext().getAttribute(
ServletContext.TEMPDIR),
(File) context.getServletContext().getAttribute(ServletContext.TEMPDIR),
locationStr).getAbsoluteFile();
}
}
......@@ -3003,8 +2990,7 @@ public class Request implements HttpServletRequest {
boolean trackModesIncludesCookie =
context.getServletContext().getEffectiveSessionTrackingModes().contains(SessionTrackingMode.COOKIE);
if (trackModesIncludesCookie && response.getResponse().isCommitted()) {
throw new IllegalStateException(
sm.getString("coyoteRequest.sessionCreateCommitted"));
throw new IllegalStateException(sm.getString("coyoteRequest.sessionCreateCommitted"));
}
// Re-use session IDs provided by the client in very limited
......@@ -3079,8 +3065,7 @@ public class Request implements HttpServletRequest {
if (c!='\\') {
buf.append(c);
} else {
if (++i >= s.length())
{
if (++i >= s.length()) {
throw new IllegalArgumentException();//invalid escape, hence invalid cookie
}
c = s.charAt(i);
......@@ -3138,9 +3123,7 @@ public class Request implements HttpServletRequest {
for (int i = 0; i < count; i++) {
ServerCookie scookie = serverCookies.getCookie(i);
try {
/*
we must unescape the '\\' escape character
*/
// We must unescape the '\\' escape character
Cookie cookie = new Cookie(scookie.getName().toString(),null);
int version = scookie.getVersion();
cookie.setVersion(version);
......@@ -3148,8 +3131,7 @@ public class Request implements HttpServletRequest {
cookie.setValue(unescape(scookie.getValue().toString()));
cookie.setPath(unescape(scookie.getPath().toString()));
String domain = scookie.getDomain().toString();
if (domain!=null)
{
if (domain!=null) {
cookie.setDomain(unescape(domain));//avoid NPE
}
String comment = scookie.getComment().toString();
......@@ -3259,8 +3241,7 @@ public class Request implements HttpServletRequest {
Context context = getContext();
if (context != null && context.getLogger().isDebugEnabled()) {
context.getLogger().debug(
sm.getString("coyoteRequest.parseParameters"),
e);
sm.getString("coyoteRequest.parseParameters"), e);
}
parameters.setParseFailedReason(FailReason.CLIENT_DISCONNECT);
return;
......@@ -3287,8 +3268,7 @@ public class Request implements HttpServletRequest {
Context context = getContext();
if (context != null && context.getLogger().isDebugEnabled()) {
context.getLogger().debug(
sm.getString("coyoteRequest.parseParameters"),
e);
sm.getString("coyoteRequest.parseParameters"), e);
}
return;
}
......@@ -3440,8 +3420,7 @@ public class Request implements HttpServletRequest {
// void remove(Request request, String name);
}
private static final Map<String, SpecialAttributeAdapter> specialAttributes
= new HashMap<>();
private static final Map<String, SpecialAttributeAdapter> specialAttributes = new HashMap<>();
static {
specialAttributes.put(Globals.DISPATCHER_TYPE_ATTR,
......
java/org/apache/catalina/connector/Response.java
View file @ 6d1efd00
......@@ -868,7 +868,7 @@ public class Response implements HttpServletResponse {
public Collection<String> getHeaderNames() {
MimeHeaders headers = getCoyoteResponse().getMimeHeaders();
int n = headers.size();
ArrayList<String> result = new ArrayList<>(n);
List<String> result = new ArrayList<>(n);
for (int i = 0; i < n; i++) {
result.add(headers.getName(i).toString());
}
......@@ -881,7 +881,7 @@ public class Response implements HttpServletResponse {
public Collection<String> getHeaders(String name) {
Enumeration<String> enumeration =
getCoyoteResponse().getMimeHeaders().values(name);
ArrayList<String> result = new ArrayList<>();
List<String> result = new ArrayList<>();
while (enumeration.hasMoreElements()) {
result.add(enumeration.nextElement());
}
......@@ -1393,9 +1393,10 @@ public class Response implements HttpServletResponse {
char cc=name.charAt(0);
if (cc=='C' || cc=='c') {
if (checkSpecialHeader(name, value))
if (checkSpecialHeader(name, value)) {
return;
}
}
getCoyoteResponse().setHeader(name, value);
}
......
java/org/apache/catalina/core/ApplicationContext.java
View file @ 6d1efd00
......@@ -180,8 +180,7 @@ public class ApplicationContext implements ServletContext {
/**
* The string manager for this package.
*/
private static final StringManager sm =
StringManager.getManager(Constants.Package);
private static final StringManager sm = StringManager.getManager(Constants.Package);
/**
......@@ -262,7 +261,7 @@ public class ApplicationContext implements ServletContext {
pathMB.setString(uri);
MappingData mappingData = new MappingData();
((Engine) host.getParent()).getService().getMapper().map(hostMB, pathMB, null, mappingData);
service.getMapper().map(hostMB, pathMB, null, mappingData);
child = mappingData.context;
}
} catch (Throwable t) {
......@@ -594,8 +593,7 @@ public class ApplicationContext implements ServletContext {
return null;
}
if (!path.startsWith("/")) {
throw new IllegalArgumentException
(sm.getString("applicationContext.resourcePaths.iae", path));
throw new IllegalArgumentException (sm.getString("applicationContext.resourcePaths.iae", path));
}
WebResourceRoot resources = context.getResources();
......@@ -676,26 +674,23 @@ public class ApplicationContext implements ServletContext {
// Notify interested application event listeners
Object listeners[] = context.getApplicationEventListeners();
if ((listeners == null) || (listeners.length == 0))
if ((listeners == null) || (listeners.length == 0)) {
return;
ServletContextAttributeEvent event =
new ServletContextAttributeEvent(context.getServletContext(),
name, value);
for (int i = 0; i < listeners.length; i++) {
if (!(listeners[i] instanceof ServletContextAttributeListener))
}
ServletContextAttributeEvent event = new ServletContextAttributeEvent(
context.getServletContext(), name, value);
for (Object obj : listeners) {
if (!(obj instanceof ServletContextAttributeListener)) {
continue;
ServletContextAttributeListener listener =
(ServletContextAttributeListener) listeners[i];
}
ServletContextAttributeListener listener = (ServletContextAttributeListener) obj;
try {
context.fireContainerEvent("beforeContextAttributeRemoved",
listener);
context.fireContainerEvent("beforeContextAttributeRemoved", listener);
listener.attributeRemoved(event);
context.fireContainerEvent("afterContextAttributeRemoved",
listener);
context.fireContainerEvent("afterContextAttributeRemoved", listener);
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
context.fireContainerEvent("afterContextAttributeRemoved",
listener);
context.fireContainerEvent("afterContextAttributeRemoved", listener);
// FIXME - should we do anything besides log these?
log(sm.getString("applicationContext.attributeEvent"), t);
}
......@@ -707,8 +702,7 @@ public class ApplicationContext implements ServletContext {
public void setAttribute(String name, Object value) {
// Name cannot be null
if (name == null) {
throw new NullPointerException
(sm.getString("applicationContext.setAttribute.namenull"));
throw new NullPointerException(sm.getString("applicationContext.setAttribute.namenull"));
}
// Null value is the same as removeAttribute()
......@@ -719,53 +713,47 @@ public class ApplicationContext implements ServletContext {
// Add or replace the specified attribute
// Check for read only attribute
if (readOnlyAttributes.containsKey(name))
if (readOnlyAttributes.containsKey(name)) {
return;
}
Object oldValue = attributes.put(name, value);
boolean replaced = oldValue != null;
// Notify interested application event listeners
Object listeners[] = context.getApplicationEventListeners();
if ((listeners == null) || (listeners.length == 0))
if ((listeners == null) || (listeners.length == 0)) {
return;
}
ServletContextAttributeEvent event = null;
if (replaced)
event =
new ServletContextAttributeEvent(context.getServletContext(),
name, oldValue);
else
event =
new ServletContextAttributeEvent(context.getServletContext(),
name, value);
for (int i = 0; i < listeners.length; i++) {
if (!(listeners[i] instanceof ServletContextAttributeListener))
if (replaced) {
event = new ServletContextAttributeEvent(context.getServletContext(), name, oldValue);
} else {
event = new ServletContextAttributeEvent(context.getServletContext(), name, value);
}
for (Object obj : listeners) {
if (!(obj instanceof ServletContextAttributeListener)) {
continue;
ServletContextAttributeListener listener =
(ServletContextAttributeListener) listeners[i];
}
ServletContextAttributeListener listener = (ServletContextAttributeListener) obj;
try {
if (replaced) {
context.fireContainerEvent
("beforeContextAttributeReplaced", listener);
context.fireContainerEvent("beforeContextAttributeReplaced", listener);
listener.attributeReplaced(event);
context.fireContainerEvent("afterContextAttributeReplaced",
listener);
context.fireContainerEvent("afterContextAttributeReplaced", listener);
} else {
context.fireContainerEvent("beforeContextAttributeAdded",
listener);
context.fireContainerEvent("beforeContextAttributeAdded", listener);
listener.attributeAdded(event);
context.fireContainerEvent("afterContextAttributeAdded",
listener);
context.fireContainerEvent("afterContextAttributeAdded", listener);
}
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
if (replaced)
context.fireContainerEvent("afterContextAttributeReplaced",
listener);
else
context.fireContainerEvent("afterContextAttributeAdded",
listener);
if (replaced) {
context.fireContainerEvent("afterContextAttributeReplaced", listener);
} else {
context.fireContainerEvent("afterContextAttributeAdded", listener);
}
// FIXME - should we do anything besides log these?
log(sm.getString("applicationContext.attributeEvent"), t);
}
......@@ -978,8 +966,7 @@ public class ApplicationContext implements ServletContext {
@Override
public <T extends Servlet> T createServlet(Class<T> c)
throws ServletException {
public <T extends Servlet> T createServlet(Class<T> c) throws ServletException {
try {
@SuppressWarnings("unchecked")
T servlet = (T) context.getInstanceManager().newInstance(c.getName());
......@@ -1023,8 +1010,7 @@ public class ApplicationContext implements ServletContext {
// SSL not enabled by default as it can only used on its own
// Context > Host > Engine > Service
Service s = ((Engine) context.getParent().getParent()).getService();
Connector[] connectors = s.findConnectors();
Connector[] connectors = service.findConnectors();
// Need at least one SSL enabled connector to use the SSL session ID.
for (Connector connector : connectors) {
if (Boolean.TRUE.equals(connector.getAttribute("SSLEnabled"))) {
......@@ -1085,8 +1071,7 @@ public class ApplicationContext implements ServletContext {
public boolean setInitParameter(String name, String value) {
// Name cannot be null
if (name == null) {
throw new NullPointerException
(sm.getString("applicationContext.setAttribute.namenull"));
throw new NullPointerException(sm.getString("applicationContext.setAttribute.namenull"));
}
if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
throw new IllegalStateException(
......@@ -1160,9 +1145,8 @@ public class ApplicationContext implements ServletContext {
match = true;
}
if (t instanceof HttpSessionListener
|| (t instanceof ServletContextListener &&
newServletContextListenerAllowed)) {
if (t instanceof HttpSessionListener ||
(t instanceof ServletContextListener && newServletContextListenerAllowed)) {
// Add listener directly to the list of instances rather than to
// the list of class names.
context.addApplicationLifecycleListener(t);
......@@ -1188,8 +1172,7 @@ public class ApplicationContext implements ServletContext {
throws ServletException {
try {
@SuppressWarnings("unchecked")
T listener =
(T) context.getInstanceManager().newInstance(c);
T listener = (T) context.getInstanceManager().newInstance(c);
if (listener instanceof ServletContextListener ||
listener instanceof ServletContextAttributeListener ||
listener instanceof ServletRequestListener ||
......
java/org/apache/catalina/core/AsyncContextImpl.java
View file @ 6d1efd00
......@@ -532,6 +532,13 @@ public class AsyncContextImpl implements AsyncContext, AsyncContextCallback {
ClassLoader oldCL = context.bind(Globals.IS_SECURITY_ENABLED, null);
try {
wrapped.run();
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
context.getLogger().error(sm.getString("asyncContextImpl.asyncRunnableError"), t);
coyoteRequest.setAttribute(RequestDispatcher.ERROR_EXCEPTION, t);
org.apache.coyote.Response coyoteResponse = coyoteRequest.getResponse();
coyoteResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
coyoteResponse.setError();
} finally {
context.unbind(Globals.IS_SECURITY_ENABLED, oldCL);
}
......
java/org/apache/catalina/core/LocalStrings.properties
View file @ 6d1efd00
......@@ -92,6 +92,7 @@ aprListener.tooLateForSSLRandomSeed=Cannot setSSLRandomSeed: SSL has already bee
aprListener.wrongFIPSMode=Unexpected value of FIPSMode option of AprLifecycleListener: [{0}]
asyncContextImpl.asyncDispachError=Error during asynchronous dispatch
asyncContextImpl.asyncRunnableError=Error during processing of asynchronous Runnable via AsyncContext.start()
asyncContextImpl.dispatchingStarted=Asynchronous dispatch operation has already been called. Additional asynchronous dispatch operation within the same asynchronous cycle is not allowed.
asyncContextImpl.noAsyncDispatcher=The dispatcher returned from the ServletContext does not support asynchronous dispatching
asyncContextImpl.onCompleteError=onComplete() call failed for listener of type [{0}]
......