Author: remy.maucherat(a)jboss.com
Date: 2008-05-05 05:47:45 -0400 (Mon, 05 May 2008)
New Revision: 609
Modified:
trunk/java/org/apache/catalina/core/StandardContext.java
trunk/java/org/apache/catalina/deploy/SecurityCollection.java
trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
trunk/webapps/docs/changelog.xml
trunk/webapps/docs/config/http.xml
Log:
- Port 3 minor Tomcat patches.
Modified: trunk/java/org/apache/catalina/core/StandardContext.java
===================================================================
--- trunk/java/org/apache/catalina/core/StandardContext.java 2008-05-03 16:55:40 UTC (rev
608)
+++ trunk/java/org/apache/catalina/core/StandardContext.java 2008-05-05 09:47:45 UTC (rev
609)
@@ -5048,7 +5048,7 @@
// Acquire (or calculate) the work directory path
String workDir = getWorkDir();
- if (workDir == null) {
+ if (workDir == null || workDir.length() == 0) {
// Retrieve our parent (normally a host) name
String hostName = null;
@@ -5134,20 +5134,40 @@
return (false);
}
if (urlPattern.startsWith("*.")) {
- if (urlPattern.indexOf('/') < 0)
+ if (urlPattern.indexOf('/') < 0) {
+ checkUnusualURLPattern(urlPattern);
return (true);
- else
+ } else {
return (false);
+ }
}
if ( (urlPattern.startsWith("/")) &&
- (urlPattern.indexOf("*.") < 0))
+ (urlPattern.indexOf("*.") < 0)) {
+ checkUnusualURLPattern(urlPattern);
return (true);
- else
+ } else {
return (false);
+ }
}
+ /**
+ * Check for unusual but valid
<code><url-pattern></code>s.
+ * See Bugzilla 34805, 43079 & 43080
+ */
+ private void checkUnusualURLPattern(String urlPattern) {
+ if (log.isInfoEnabled()) {
+ if(urlPattern.endsWith("*") && (urlPattern.length() < 2
||
+ urlPattern.charAt(urlPattern.length()-2) != '/')) {
+ log.info("Suspicious url pattern: \"" + urlPattern +
"\"" +
+ " in context [" + getName() + "] - see" +
+ " section SRV.11.2 of the Servlet specification" );
+ }
+ }
+ }
+
+
// ------------------------------------------------------------- Operations
Modified: trunk/java/org/apache/catalina/deploy/SecurityCollection.java
===================================================================
--- trunk/java/org/apache/catalina/deploy/SecurityCollection.java 2008-05-03 16:55:40 UTC
(rev 608)
+++ trunk/java/org/apache/catalina/deploy/SecurityCollection.java 2008-05-05 09:47:45 UTC
(rev 609)
@@ -19,14 +19,11 @@
package org.apache.catalina.deploy;
-import org.apache.catalina.util.RequestUtil;
-
-import org.jboss.logging.Logger;
-import org.jboss.logging.Logger;
-
import java.io.Serializable;
+import org.apache.catalina.util.RequestUtil;
+
/**
* Representation of a web resource collection for a web application's security
* constraint, as represented in a
<code><web-resource-collection></code>
@@ -44,9 +41,7 @@
public class SecurityCollection implements Serializable {
- private static Logger log = Logger.getLogger(SecurityCollection.class);
-
// ----------------------------------------------------------- Constructors
@@ -188,17 +183,6 @@
if (pattern == null)
return;
- // Bugzilla 34805: add friendly warning.
- if(pattern.endsWith("*")) {
- if (pattern.charAt(pattern.length()-1) != '/') {
- if (log.isDebugEnabled()) {
- log.warn("Suspicious url pattern: \"" + pattern +
"\"" +
- " - see
http://java.sun.com/aboutJava/communityprocess/first/jsr053/servlet23_PFD... +
- " section 11.2" );
- }
- }
- }
-
pattern = RequestUtil.URLDecode(pattern);
String results[] = new String[patterns.length + 1];
for (int i = 0; i < patterns.length; i++) {
Modified: trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
===================================================================
--- trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 2008-05-03 16:55:40
UTC (rev 608)
+++ trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 2008-05-05 09:47:45
UTC (rev 609)
@@ -310,7 +310,7 @@
InputStream istream = null;
try {
ks = KeyStore.getInstance(type);
- if(! "PKCS11".equalsIgnoreCase(type) ) {
+ if (!("PKCS11".equalsIgnoreCase(type) ||
"".equalsIgnoreCase(path))) {
File keyStoreFile = new File(path);
if (!keyStoreFile.isAbsolute()) {
keyStoreFile = new
File(System.getProperty("catalina.base"),
Modified: trunk/webapps/docs/changelog.xml
===================================================================
--- trunk/webapps/docs/changelog.xml 2008-05-03 16:55:40 UTC (rev 608)
+++ trunk/webapps/docs/changelog.xml 2008-05-05 09:47:45 UTC (rev 609)
@@ -44,6 +44,14 @@
<bug>43150</bug>: Improve URL conversion so that some more special
chars can be used
in the installation path. (markt)
</fix>
+ <fix>
+ <bug>43117</bug>: Setting an empty workDir can delete all of
CATALINA_HOME.
+ Patch provided by Takayuki Kaneko. (markt)
+ </fix>
+ <fix>
+ <bug>43079</bug> and <bug>43080</bug>: Move odd
url-pattern warning to StandardContext so a) we catch all patterns
+ and b) it isn't logged to the wrong webapp. Based on a patch by John Kew.
(markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
@@ -56,6 +64,10 @@
<bug>43191</bug>: No way to turn off compression for some mime-types.
Based on a patch
by Len Popp. (markt)
</fix>
+ <fix>
+ <bug>43094</bug>: Support keystoreTypes that don't need a file.
Based on a patch
+ by Bruno Harbulot. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
Modified: trunk/webapps/docs/config/http.xml
===================================================================
--- trunk/webapps/docs/config/http.xml 2008-05-03 16:55:40 UTC (rev 608)
+++ trunk/webapps/docs/config/http.xml 2008-05-05 09:47:45 UTC (rev 609)
@@ -440,7 +440,9 @@
<p>The pathname of the keystore file where you have stored the
server certificate to be loaded. By default, the pathname is
the file "<code>.keystore</code>" in the operating system
home
- directory of the user that is running JBoss Web.</p>
+ directory of the user that is running JBoss Web. If your
+ <code>keystoreType</code> doesn't need a file use
<code>""</code>
+ (empty string) for this parameter.</p>
</attribute>
<attribute name="keystorePass" required="false">