Author: remy.maucherat(a)jboss.com Date: 2010-02-18 09:03:13 -0500 (Thu, 18 Feb 2010) New Revision: 1390 Modified: trunk/java/org/apache/catalina/realm/JNDIRealm.java trunk/java/org/apache/jasper/compiler/JavacErrorDetail.java trunk/java/org/apache/jasper/resources/LocalStrings.properties trunk/java/org/apache/jasper/security/SecurityClassLoad.java trunk/java/org/apache/jasper/servlet/JspServletWrapper.java trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java trunk/webapps/docs/changelog.xml Log: - Port minor Tomcat patches. Modified: trunk/java/org/apache/catalina/realm/JNDIRealm.java =================================================================== --- trunk/java/org/apache/catalina/realm/JNDIRealm.java 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/catalina/realm/JNDIRealm.java 2010-02-18 14:03:13 UTC (rev 1390) @@ -24,6 +24,7 @@ import java.text.MessageFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Hashtable; @@ -1673,7 +1674,7 @@ Set<String> newThisRound = new HashSet<String>(); // Stores the groups we find in this iteration for (String groupDN : newGroupDNs) { - filter = roleFormat.format(new String[] { groupDN, groupDN }); + filter = roleFormat.format(new String[] { groupDN }); if (containerLog.isTraceEnabled()) { containerLog.trace("Perform a nested group search with base "+ roleBase + " and filter " + filter); @@ -2196,26 +2197,38 @@ } -} + /** + * A private class representing a User + */ + protected static class User { + + private String username = null; + private String dn = null; + private String password = null; + private ArrayList<String> roles = null; -// ------------------------------------------------------ Private Classes - -/** - * A private class representing a User - */ -class User { - String username = null; - String dn = null; - String password = null; - ArrayList<String> roles = null; - - - User(String username, String dn, String password, - ArrayList<String> roles) { - this.username = username; - this.dn = dn; - this.password = password; - this.roles = roles; + User(String username, String dn, String password, + ArrayList<String> roles) { + this.username = username; + this.dn = dn; + this.password = password; + this.roles = roles; + } + + public String getUserName() { + return username; + } + + public String getDN() { + return dn; + } + + public String getPassword() { + return password; + } + + public List<String> getRoles() { + return Collections.unmodifiableList(roles); + } } - } Modified: trunk/java/org/apache/jasper/compiler/JavacErrorDetail.java =================================================================== --- trunk/java/org/apache/jasper/compiler/JavacErrorDetail.java 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/jasper/compiler/JavacErrorDetail.java 2010-02-18 14:03:13 UTC (rev 1390) @@ -71,18 +71,9 @@ * @param jspBeginLineNum The start line number of the JSP element * responsible for the compilation error * @param errMsg The compilation error message + * @param ctxt The compilation context */ public JavacErrorDetail(String javaFileName, - int javaLineNum, - String jspFileName, - int jspBeginLineNum, - StringBuilder errMsg) { - - this(javaFileName, javaLineNum, jspFileName, jspBeginLineNum, errMsg, - null); - } - - public JavacErrorDetail(String javaFileName, int javaLineNum, String jspFileName, int jspBeginLineNum, @@ -94,14 +85,24 @@ this.jspBeginLineNum = jspBeginLineNum; if (jspBeginLineNum > 0 && ctxt != null) { + InputStream is = null; + FileInputStream fis = null; + try { // Read both files in, so we can inspect them - String[] jspLines = readFile - (ctxt.getResourceAsStream(jspFileName)); + is = ctxt.getResourceAsStream(jspFileName); + String[] jspLines = readFile(is); - String[] javaLines = readFile - (new FileInputStream(ctxt.getServletJavaFileName())); + fis = new FileInputStream(ctxt.getServletJavaFileName()); + String[] javaLines = readFile(fis); + if (jspLines.length < jspBeginLineNum) { + // Avoid ArrayIndexOutOfBoundsException + // Probably bug 48494 but could be some other cause + jspExtract = Localizer.getMessage("jsp.error.bug48494"); + return; + } + // If the line contains the opening of a multi-line scriptlet // block, then the JSP line number we got back is probably // faulty. Scan forward to match the java line... @@ -134,6 +135,21 @@ } catch (IOException ioe) { // Can't read files - ignore + } finally { + if (is != null) { + try { + is.close(); + } catch (IOException ioe) { + // Ignore + } + } + if (fis != null) { + try { + fis.close(); + } catch (IOException ioe) { + // Ignore + } + } } } } @@ -202,13 +218,13 @@ */ private String[] readFile(InputStream s) throws IOException { BufferedReader reader = new BufferedReader(new InputStreamReader(s)); - List lines = new ArrayList(); + List<String> lines = new ArrayList<String>(); String line; while ( (line = reader.readLine()) != null ) { lines.add(line); } - return (String[]) lines.toArray( new String[lines.size()] ); + return lines.toArray( new String[lines.size()] ); } } Modified: trunk/java/org/apache/jasper/resources/LocalStrings.properties =================================================================== --- trunk/java/org/apache/jasper/resources/LocalStrings.properties 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/jasper/resources/LocalStrings.properties 2010-02-18 14:03:13 UTC (rev 1390) @@ -441,3 +441,6 @@ jsp.error.tag.invalid.trimdirectivewhitespaces=Tag directive: invalid value for trimDirectiveWhitespaces jsp.error.page.conflict.trimdirectivewhitespaces=Page directive: illegal to have multiple occurrences of 'trimDirectiveWhitespaces' with different values (old: {0}, new: {1}) jsp.error.tag.conflict.trimdirectivewhitespaces=Tag directive: illegal to have multiple occurrences of 'trimDirectiveWhitespaces' with different values (old: {0}, new: {1}) + +# JavacErrorDetail +jsp.error.bug48494=Unable to display JSP extract. Probably due to a JRE bug (see Tomcat bug 48498 for details). Modified: trunk/java/org/apache/jasper/security/SecurityClassLoad.java =================================================================== --- trunk/java/org/apache/jasper/security/SecurityClassLoad.java 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/jasper/security/SecurityClassLoad.java 2010-02-18 14:03:13 UTC (rev 1390) @@ -99,6 +99,9 @@ loader.loadClass( basePackage + "runtime.JspContextWrapper"); + // Trigger loading of class and reading of property + SecurityUtil.isPackageProtectionEnabled(); + loader.loadClass( basePackage + "servlet.JspServletWrapper"); Modified: trunk/java/org/apache/jasper/servlet/JspServletWrapper.java =================================================================== --- trunk/java/org/apache/jasper/servlet/JspServletWrapper.java 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/jasper/servlet/JspServletWrapper.java 2010-02-18 14:03:13 UTC (rev 1390) @@ -166,7 +166,7 @@ } public ServletContext getServletContext() { - return config.getServletContext(); + return ctxt.getServletContext(); } /** Modified: trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java =================================================================== --- trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 2010-02-18 14:03:13 UTC (rev 1390) @@ -307,9 +307,6 @@ if( truststorePassword == null) { truststorePassword = System.getProperty("javax.net.ssl.trustStorePassword"); } - if( truststorePassword == null ) { - truststorePassword = getKeystorePassword(); - } if(log.isDebugEnabled()) { log.debug("TrustPass = " + truststorePassword); } @@ -336,7 +333,7 @@ log.debug("trustProvider = " + truststoreProvider); } - if (truststoreFile != null && truststorePassword != null){ + if (truststoreFile != null){ trustStore = getStore(truststoreType, truststoreProvider, truststoreFile, truststorePassword); } @@ -367,7 +364,11 @@ istream = new FileInputStream(keyStoreFile); } - ks.load(istream, pass.toCharArray()); + char[] storePass = null; + if (pass != null) { + storePass = pass.toCharArray(); + } + ks.load(istream, storePass); } catch (FileNotFoundException fnfe) { log.error(sm.getString("jsse.keystore_load_failed", type, path, fnfe.getMessage()), fnfe); Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2010-02-17 02:03:46 UTC (rev 1389) +++ trunk/webapps/docs/changelog.xml 2010-02-18 14:03:13 UTC (rev 1390) @@ -20,9 +20,6 @@ <subsection name="Catalina"> <changelog> <fix> - <bug>48629</bug>: Nested role seach fix in JNDI realm, submitted by Gabriel. (markt) - </fix> - <fix> Add LDAP connection timeout in JNDI realm. (markt) </fix> <fix> @@ -38,6 +35,9 @@ <fix> <bug>48384</bug>: Per directory XSLT for default servlet. (markt) </fix> + <fix> + <bug>48589</bug>: JNDI realm extensibility. (markt) + </fix> </changelog> </subsection> <subsection name="Coyote"> @@ -45,6 +45,9 @@ <fix> <bug>48660</bug>: Add to vary header. (markt) </fix> + <fix> + <bug>48545</bug>: Optional password on truststores. (markt) + </fix> </changelog> </subsection> <subsection name="Jasper"> @@ -62,6 +65,18 @@ <fix> Rebase ELSupport. (remm) </fix> + <fix> + <bug>42314</bug>: More stream closing when reporting errors. (markt) + </fix> + <fix> + <bug>48498</bug>: Workaround for XML parser bug when reporting errors. (markt) + </fix> + <fix> + <bug>48580</bug>: Possible security exception on first JSP access. (markt) + </fix> + <fix> + <bug>48582</bug>: Avoid NPE on compilation errors of tag files. (markt) + </fix> </changelog> </subsection> </section>