Author: aogburn Date: 2014-07-25 14:03:58 -0400 (Fri, 25 Jul 2014) New Revision: 2484 Added: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java Removed: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/build.xml branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/security/SecurityClassLoad.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/servlets/DefaultServlet.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/jasper/compiler/JspDocumentParser.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/buf/Ascii.java branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/net/JIoEndpoint.java Log: [JBPAPP-11170] merge fixes Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/build.xml =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/build.xml 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/build.xml 2014-07-25 18:03:58 UTC (rev 2484) @@ -843,7 +843,7 @@ <target name="build-jasper-jdt-src"> <jar destfile="${jasper-jdt-src.jar}" index="true"> - <fileset dir="${jasper-jdt-src.home}/src/plugins/org.eclipse.jdt.core/model"> + <fileset dir="${jasper-jdt-src.home}/plugins/org.eclipse.jdt.core/model"> <include name="org/eclipse/jdt/core/compiler/**"/> <include name="org/eclipse/jdt/internal/compiler/**"/> <include name="org/eclipse/jdt/internal/core/util/CommentRecorder*"/> Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java:2480-2482 Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/security/SecurityClassLoad.java =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/security/SecurityClassLoad.java 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/security/SecurityClassLoad.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -39,6 +39,7 @@ loadCorePackage(loader); loadLoaderPackage(loader); + loadServletsPackage(loader); loadSessionPackage(loader); loadUtilPackage(loader); loadJavaxPackage(loader); @@ -92,6 +93,18 @@ } + private static final void loadServletsPackage(ClassLoader loader) + throws Exception { + final String basePackage = "org.apache.catalina.servlets."; + // Avoid a possible memory leak in the DefaultServlet when running with + // a security manager. The DefaultServlet needs to load an XML parser + // when running under a security manager. We want this to be loaded by + // the container rather than a web application to prevent a memory leak + // via web application class loader. + loader.loadClass(basePackage + "DefaultServlet"); + } + + private final static void loadSessionPackage(ClassLoader loader) throws Exception { String basePackage = "org.apache.catalina."; Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/security/SecurityClassLoad.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/catalina/security/SecurityClassLoad.java:2480-2482 /branches/7.4.x/src/main/java/org/apache/catalina/security/SecurityClassLoad.java:2460 Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/servlets/DefaultServlet.java =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/servlets/DefaultServlet.java 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/servlets/DefaultServlet.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -33,8 +33,10 @@ import java.io.Reader; import java.io.StringReader; import java.io.StringWriter; +import java.security.AccessController; import java.util.ArrayList; import java.util.Iterator; +import java.util.Locale; import java.util.StringTokenizer; import javax.naming.InitialContext; @@ -48,10 +50,14 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.Source; import javax.xml.transform.Transformer; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import javax.xml.transform.stream.StreamSource; @@ -64,6 +70,12 @@ import org.apache.naming.resources.ProxyDirContext; import org.apache.naming.resources.Resource; import org.apache.naming.resources.ResourceAttributes; +import org.apache.tomcat.util.security.PrivilegedGetTccl; +import org.apache.tomcat.util.security.PrivilegedSetTccl; +import org.w3c.dom.Document; +import org.xml.sax.InputSource; +import org.xml.sax.SAXException; +import org.xml.sax.ext.EntityResolver2; /** @@ -78,7 +90,10 @@ public class DefaultServlet extends HttpServlet { + private static final DocumentBuilderFactory factory; + private static final SecureEntityResolver secureEntityResolver; + // ----------------------------------------------------- Instance Variables @@ -178,6 +193,16 @@ urlEncoder.addSafeCharacter('.'); urlEncoder.addSafeCharacter('*'); urlEncoder.addSafeCharacter('/'); + + if (Globals.IS_SECURITY_ENABLED) { + factory = DocumentBuilderFactory.newInstance(); + factory.setNamespaceAware(true); + factory.setValidating(false); + secureEntityResolver = new SecureEntityResolver(); + } else { + factory = null; + secureEntityResolver = null; + } } @@ -1079,17 +1104,12 @@ * Decide which way to render. HTML or XML. */ protected InputStream render(String contextPath, CacheEntry cacheEntry) - throws IOException, ServletException { - - InputStream xsltInputStream = - findXsltInputStream(cacheEntry.context); - - if (xsltInputStream==null) { + throws IOException, ServletException { + Source xsltSource = findXsltInputStream(cacheEntry.context); + if (xsltSource == null) { return renderHtml(contextPath, cacheEntry); - } else { - return renderXml(contextPath, cacheEntry, xsltInputStream); } - + return renderXml(contextPath, cacheEntry, xsltSource); } /** @@ -1101,7 +1121,7 @@ */ protected InputStream renderXml(String contextPath, CacheEntry cacheEntry, - InputStream xsltInputStream) + Source xsltSource) throws IOException, ServletException { StringBuffer sb = new StringBuffer(); @@ -1188,12 +1208,28 @@ sb.append("</listing>"); + // Prevent possible memory leak. Ensure Transformer and + // TransformerFactory are not loaded from the web application. + ClassLoader original; + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedGetTccl pa = new PrivilegedGetTccl(); + original = AccessController.doPrivileged(pa); + } else { + original = Thread.currentThread().getContextClassLoader(); + } + try { + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedSetTccl pa = + new PrivilegedSetTccl(DefaultServlet.class.getClassLoader()); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader( + DefaultServlet.class.getClassLoader()); + } - try { TransformerFactory tFactory = TransformerFactory.newInstance(); Source xmlSource = new StreamSource(new StringReader(sb.toString())); - Source xslSource = new StreamSource(xsltInputStream); - Transformer transformer = tFactory.newTransformer(xslSource); + Transformer transformer = tFactory.newTransformer(xsltSource); ByteArrayOutputStream stream = new ByteArrayOutputStream(); OutputStreamWriter osWriter = new OutputStreamWriter(stream, "UTF8"); @@ -1203,6 +1239,13 @@ return (new ByteArrayInputStream(stream.toByteArray())); } catch (TransformerException e) { throw new ServletException("XSL transformer error", e); + } finally { + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedSetTccl pa = new PrivilegedSetTccl(original); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader(original); + } } } @@ -1421,7 +1464,7 @@ /** * Return the xsl template inputstream (if possible) */ - protected InputStream findXsltInputStream(DirContext directory) + protected Source findXsltInputStream(DirContext directory) throws IOException, ServletException { if (localXsltFile != null) { @@ -1429,8 +1472,13 @@ Object obj = directory.lookup(localXsltFile); if ((obj != null) && (obj instanceof Resource)) { InputStream is = ((Resource) obj).streamContent(); - if (is != null) - return is; + if (is != null) { + if (Globals.IS_SECURITY_ENABLED) { + return secureXslt(is); + } else { + return new StreamSource(is); + } + } } } catch (NamingException e) { if (debug > 10) @@ -1443,20 +1491,24 @@ /* Open and read in file in one fell swoop to reduce chance * chance of leaving handle open. */ - if (globalXsltFile!=null) { - FileInputStream fis = null; - - try { - File f = new File(globalXsltFile); - if (f.exists()){ - fis =new FileInputStream(f); + if (globalXsltFile != null) { + File f = validateGlobalXsltFile(); + if (f != null){ + FileInputStream fis = null; + try { + fis = new FileInputStream(f); byte b[] = new byte[(int)f.length()]; /* danger! */ fis.read(b); - return new ByteArrayInputStream(b); + return new StreamSource(new ByteArrayInputStream(b)); + } finally { + if (fis != null) { + try { + fis.close(); + } catch (IOException ioe) { + // Ignore + } + } } - } finally { - if (fis!=null) - fis.close(); } } @@ -1465,6 +1517,90 @@ } + private File validateGlobalXsltFile() { + + File result = null; + String base = System.getProperty("catalina.base"); + + if (base != null) { + File baseConf = new File(base, "conf"); + result = validateGlobalXsltFile(baseConf); + } + + if (result == null) { + String home = System.getProperty("catalina.home"); + if (home != null && !home.equals(base)) { + File homeConf = new File(home, "conf"); + result = validateGlobalXsltFile(homeConf); + } + } + + return result; + } + + + private File validateGlobalXsltFile(File base) { + File candidate = new File(globalXsltFile); + if (!candidate.isAbsolute()) { + candidate = new File(base, globalXsltFile); + } + + if (!candidate.isFile()) { + return null; + } + + // First check that the resulting path is under the provided base + try { + if (!candidate.getCanonicalPath().startsWith(base.getCanonicalPath())) { + return null; + } + } catch (IOException ioe) { + return null; + } + + // Next check that an .xsl or .xslt file has been specified + String nameLower = candidate.getName().toLowerCase(Locale.ENGLISH); + if (!nameLower.endsWith(".xslt") && !nameLower.endsWith(".xsl")) { + return null; + } + + return candidate; + } + + + private Source secureXslt(InputStream is) { + // Need to filter out any external entities + Source result = null; + try { + DocumentBuilder builder = factory.newDocumentBuilder(); + builder.setEntityResolver(secureEntityResolver); + Document document = builder.parse(is); + result = new DOMSource(document); + } catch (ParserConfigurationException e) { + if (debug > 0) { + log(e.getMessage(), e); + } + } catch (SAXException e) { + if (debug > 0) { + log(e.getMessage(), e); + } + } catch (IOException e) { + if (debug > 0) { + log(e.getMessage(), e); + } + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException e) { + // Ignore + } + } + } + return result; + } + + // -------------------------------------------------------- protected Methods @@ -2139,4 +2275,29 @@ } + /** + * This is secure in the sense that any attempt to use an external entity + * will trigger an exception. + */ + private static class SecureEntityResolver implements EntityResolver2 { + + @Override + public InputSource resolveEntity(String publicId, String systemId) + throws SAXException, IOException { + throw new SAXException("Ignored external entity " + publicId + " " + systemId); + } + + @Override + public InputSource getExternalSubset(String name, String baseURI) + throws SAXException, IOException { + throw new SAXException("Ignored external subset " + name + " " + baseURI); + } + + @Override + public InputSource resolveEntity(String name, String publicId, + String baseURI, String systemId) throws SAXException, + IOException { + throw new SAXException("Ignored external entity " + name + " " + publicId + " " + baseURI + " " + systemId); + } + } } Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/catalina/servlets/DefaultServlet.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/catalina/servlets/DefaultServlet.java:2480-2482 /branches/7.4.x/src/main/java/org/apache/catalina/servlets/DefaultServlet.java:2427 Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -266,7 +266,7 @@ int result = 0; boolean eol = false; - boolean readDigit = false; + int readDigit = 0; boolean trailer = false; while (!eol) { @@ -288,10 +288,10 @@ trailer = true; } else if (!trailer) { //don't read data after the trailer - if (HexUtils.DEC[buf[pos]] != -1) { - readDigit = true; - result *= 16; - result += HexUtils.DEC[buf[pos]]; + int charValue = HexUtils.DEC[buf[pos] & 0xff]; + if (charValue != -1 && readDigit < 8) { + readDigit++; + result = (result << 4) | charValue; } else { //we shouldn't allow invalid, non hex characters //in the chunked header @@ -303,7 +303,7 @@ } - if (!readDigit || (result < 0)) + if (readDigit == 0 || (result < 0)) throw new IOException("Invalid chunk header"); if (result == 0) Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java:2480-2482 /branches/7.4.x/src/main/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java:2428 Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/jasper/compiler/JspDocumentParser.java =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/jasper/compiler/JspDocumentParser.java 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/jasper/compiler/JspDocumentParser.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -20,7 +20,7 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; - +import java.security.AccessController; import java.util.Iterator; import java.util.List; import java.util.jar.JarFile; @@ -31,8 +31,11 @@ import javax.xml.parsers.SAXParser; import javax.xml.parsers.SAXParserFactory; +import org.apache.jasper.Constants; import org.apache.jasper.JasperException; import org.apache.jasper.JspCompilationContext; +import org.apache.tomcat.util.security.PrivilegedGetTccl; +import org.apache.tomcat.util.security.PrivilegedSetTccl; import org.xml.sax.Attributes; import org.xml.sax.InputSource; import org.xml.sax.Locator; @@ -1394,30 +1397,59 @@ * * @return The SAXParser */ - private static SAXParser getSAXParser( - boolean validating, - JspDocumentParser jspDocParser) - throws Exception { + private static SAXParser getSAXParser(boolean validating, + JspDocumentParser jspDocParser) throws Exception { - SAXParserFactory factory = SAXParserFactory.newInstance(); - factory.setNamespaceAware(true); + ClassLoader original; + if (Constants.IS_SECURITY_ENABLED) { + PrivilegedGetTccl pa = new PrivilegedGetTccl(); + original = AccessController.doPrivileged(pa); + } else { + original = Thread.currentThread().getContextClassLoader(); + } + try { + if (Constants.IS_SECURITY_ENABLED) { + PrivilegedSetTccl pa = new PrivilegedSetTccl( + JspDocumentParser.class.getClassLoader()); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader( + JspDocumentParser.class.getClassLoader()); + } - // Preserve xmlns attributes - factory.setFeature( - "http://xml.org/sax/features/namespace-prefixes", - true); - factory.setValidating(validating); - //factory.setFeature( - // "http://xml.org/sax/features/validation", - // validating); - - // Configure the parser - SAXParser saxParser = factory.newSAXParser(); - XMLReader xmlReader = saxParser.getXMLReader(); - xmlReader.setProperty(LEXICAL_HANDLER_PROPERTY, jspDocParser); - xmlReader.setErrorHandler(jspDocParser); + SAXParserFactory factory = SAXParserFactory.newInstance(); - return saxParser; + factory.setNamespaceAware(true); + // Preserve xmlns attributes + factory.setFeature( + "http://xml.org/sax/features/namespace-prefixes", true); + + factory.setValidating(validating); + if (validating) { + // Enable DTD validation + factory.setFeature("http://xml.org/sax/features/validation";, + true); + // Enable schema validation + factory.setFeature( + "http://apache.org/xml/features/validation/schema", + true); + } + + // Configure the parser + SAXParser saxParser = factory.newSAXParser(); + XMLReader xmlReader = saxParser.getXMLReader(); + xmlReader.setProperty(LEXICAL_HANDLER_PROPERTY, jspDocParser); + xmlReader.setErrorHandler(jspDocParser); + + return saxParser; + } finally { + if (Constants.IS_SECURITY_ENABLED) { + PrivilegedSetTccl pa = new PrivilegedSetTccl(original); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader(original); + } + } } /* Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/jasper/compiler/JspDocumentParser.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/jasper/compiler/JspDocumentParser.java:2480-2482 /branches/7.4.x/src/main/java/org/apache/jasper/compiler/JspDocumentParser.java:2427 Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/tomcat/util:2480-2482 /branches/7.4.x/src/main/java/org/apache/tomcat/util:2427 Modified: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/buf/Ascii.java =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/buf/Ascii.java 2014-07-25 15:40:36 UTC (rev 2483) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/buf/Ascii.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -41,6 +41,8 @@ private static final boolean[] isWhite = new boolean[256]; private static final boolean[] isDigit = new boolean[256]; + private static final long OVERFLOW_LIMIT = Long.MAX_VALUE / 10; + /* * Initialize character translation and type tables. */ @@ -187,8 +189,7 @@ * @exception NumberFormatException if the long format was invalid */ public static long parseLong(byte[] b, int off, int len) - throws NumberFormatException - { + throws NumberFormatException { int c; if (b == null || len <= 0 || !isDigit(c = b[off++])) { @@ -196,20 +197,13 @@ } long n = c - '0'; - long m; - while (--len > 0) { - if (!isDigit(c = b[off++])) { + if (isDigit(c = b[off++]) + && (n < OVERFLOW_LIMIT || (n == OVERFLOW_LIMIT && (c - '0') < 8))) { + n = n * 10 + c - '0'; + } else { throw new NumberFormatException(); } - m = n * 10 + c - '0'; - - if (m < n) { - // Overflow - throw new NumberFormatException(); - } else { - n = m; - } } return n; Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/buf/Ascii.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/2.1.x/java/org/apache/tomcat/util/buf/Ascii.java:2480-2482 /branches/7.4.x/src/main/java/org/apache/tomcat/util/buf/Ascii.java:2426-2427 Property changes on: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/net/JIoEndpoint.java ___________________________________________________________________ Added: svn:mergeinfo + /branches/7.4.x/src/main/java/org/apache/tomcat/util/net/JIoEndpoint.java:2427 Deleted: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java =================================================================== --- branches/2.1.x/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java 2014-07-23 20:38:09 UTC (rev 2482) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -1,28 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomcat.util.security; - -import java.security.PrivilegedAction; - -public class PrivilegedGetTccl implements PrivilegedAction<ClassLoader> { - @Override - public ClassLoader run() { - return Thread.currentThread().getContextClassLoader(); - } -} - - Copied: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java (from rev 2482, branches/2.1.x/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java) =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java (rev 0) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedGetTccl.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -0,0 +1,28 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.PrivilegedAction; + +public class PrivilegedGetTccl implements PrivilegedAction<ClassLoader> { + @Override + public ClassLoader run() { + return Thread.currentThread().getContextClassLoader(); + } +} + + Deleted: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java =================================================================== --- branches/2.1.x/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java 2014-07-23 20:38:09 UTC (rev 2482) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -1,34 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomcat.util.security; - -import java.security.PrivilegedAction; - -public class PrivilegedSetTccl implements PrivilegedAction<Void> { - - private ClassLoader cl; - - public PrivilegedSetTccl(ClassLoader cl) { - this.cl = cl; - } - - @Override - public Void run() { - Thread.currentThread().setContextClassLoader(cl); - return null; - } -} \ No newline at end of file Copied: branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java (from rev 2482, branches/2.1.x/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java) =================================================================== --- branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java (rev 0) +++ branches/JBOSSWEB_2_1_12_GA_JBPAPP-11170/java/org/apache/tomcat/util/security/PrivilegedSetTccl.java 2014-07-25 18:03:58 UTC (rev 2484) @@ -0,0 +1,34 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.PrivilegedAction; + +public class PrivilegedSetTccl implements PrivilegedAction<Void> { + + private ClassLoader cl; + + public PrivilegedSetTccl(ClassLoader cl) { + this.cl = cl; + } + + @Override + public Void run() { + Thread.currentThread().setContextClassLoader(cl); + return null; + } +} \ No newline at end of file