[jboss-cvs] Repository SVN: r27655 - in apache-tomcat/5.5.23.patch07-brew: lib and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jul 8 17:59:10 EDT 2009
Author: permaine
Date: 2009-07-08 17:59:09 -0400 (Wed, 08 Jul 2009)
New Revision: 27655
Added:
apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2008-5515.patch
apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0033.patch
apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0580.patch
Removed:
apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2008-5515.patch
apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0033.patch
apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0580.patch
apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0783.patch
Modified:
apache-tomcat/5.5.23.patch07-brew/component-info.xml
apache-tomcat/5.5.23.patch07-brew/lib/catalina-manager.jar
apache-tomcat/5.5.23.patch07-brew/lib/catalina-optional.jar
apache-tomcat/5.5.23.patch07-brew/lib/catalina.jar
apache-tomcat/5.5.23.patch07-brew/lib/jasper-compiler-jdt.jar
apache-tomcat/5.5.23.patch07-brew/lib/jasper-compiler.jar
apache-tomcat/5.5.23.patch07-brew/lib/jasper-runtime.jar
apache-tomcat/5.5.23.patch07-brew/lib/naming-resources.jar
apache-tomcat/5.5.23.patch07-brew/lib/servlets-default.jar
apache-tomcat/5.5.23.patch07-brew/lib/servlets-invoker.jar
apache-tomcat/5.5.23.patch07-brew/lib/servlets-webdav.jar
apache-tomcat/5.5.23.patch07-brew/lib/tomcat-ajp.jar
apache-tomcat/5.5.23.patch07-brew/lib/tomcat-apr.jar
apache-tomcat/5.5.23.patch07-brew/lib/tomcat-coyote.jar
apache-tomcat/5.5.23.patch07-brew/lib/tomcat-http.jar
apache-tomcat/5.5.23.patch07-brew/lib/tomcat-util.jar
Log:
Reupload 5.5.23.patch07-brew
Modified: apache-tomcat/5.5.23.patch07-brew/component-info.xml
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/component-info.xml 2009-07-08 09:20:14 UTC (rev 27654)
+++ apache-tomcat/5.5.23.patch07-brew/component-info.xml 2009-07-08 21:59:09 UTC (rev 27655)
@@ -6,7 +6,7 @@
projectHome="http://tomcat.apache.org"
description="Tomcat 5.5 servlet 2.4 web container with fixes for ASPATCH-234 and IT #168408, as well as fixes for CVE-2007-2449, CVE-2007-2450, CVE-2007-3386, CVE-2007-3382, CVE-2007-3385, 2007-5342, and CVE-2007-5461, plus CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2007-5333"
scm=":ext:cvs.devel.redhat.com:/cvs/dist/tomcat5"
- tag="tomcat5-5_5_23-5_patch07_0jpp_1jb">
+ tag="tomcat5-5_5_23-5_patch07_0jpp_2jb">
<!-- Built using JDK 1.4 -->
<artifact id="catalina-manager.jar"/>
<artifact id="catalina-optional.jar"/>
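Review bot: The `description` attribute in this hunk still lists only the 2007 and 2008 CVE fixes, although this revision ships patches for CVE-2008-5515, CVE-2009-0033 and CVE-2009-0580 alongside the rebuilt jars, so anyone auditing the component from its metadata will under-count what is fixed. It would help to append those identifiers to the description, and to write the bare `2007-5342` entry as `CVE-2007-5342` so searches match. The file list also shows `tomcat5-5.5.23-CVE-2009-0783.patch` removed with no counterpart added under `src/`; because the jars are binary here, this commit does not show whether that fix is still in the build, and the log message should say so either way.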
Modified: apache-tomcat/5.5.23.patch07-brew/lib/catalina-manager.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/catalina-optional.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/catalina.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/jasper-compiler-jdt.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/jasper-compiler.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/jasper-runtime.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/naming-resources.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/servlets-default.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/servlets-invoker.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/servlets-webdav.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/tomcat-ajp.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/tomcat-apr.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/tomcat-coyote.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/tomcat-http.jar
===================================================================
(Binary files differ)
Modified: apache-tomcat/5.5.23.patch07-brew/lib/tomcat-util.jar
===================================================================
(Binary files differ)
Added: apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2008-5515.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2008-5515.patch (rev 0)
+++ apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2008-5515.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -0,0 +1,315 @@
+--- container/catalina/src/share/org/apache/catalina/connector/Request.java 2009-06-08 17:03:56.000000000 +0200
++++ container/catalina/src/share/org/apache/catalina/connector/Request.java 2009-06-09 10:07:57.000000000 +0200
+@@ -1243,10 +1243,9 @@
+ int pos = requestPath.lastIndexOf('/');
+ String relative = null;
+ if (pos >= 0) {
+- relative = RequestUtil.normalize
+- (requestPath.substring(0, pos + 1) + path);
++ relative = requestPath.substring(0, pos + 1) + path;
+ } else {
+- relative = RequestUtil.normalize(requestPath + path);
++ relative = requestPath + path;
+ }
+
+ return (context.getServletContext().getRequestDispatcher(relative));
+--- container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java 2009-06-08 17:03:56.000000000 +0200
++++ container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java 2009-06-09 10:27:18.000000000 +0200
+@@ -43,6 +43,7 @@
+ import org.apache.catalina.Wrapper;
+ import org.apache.catalina.deploy.ApplicationParameter;
+ import org.apache.catalina.util.Enumerator;
++import org.apache.catalina.util.RequestUtil;
+ import org.apache.catalina.util.ResourceSet;
+ import org.apache.catalina.util.ServerInfo;
+ import org.apache.catalina.util.StringManager;
+@@ -388,7 +389,7 @@
+ path = path.substring(0, pos);
+ }
+
+- path = normalize(path);
++ path = RequestUtil.normalize(path);
+ if (path == null)
+ return (null);
+
+@@ -475,7 +476,7 @@
+ throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae", path));
+ }
+
+- path = normalize(path);
++ path = RequestUtil.normalize(path);
+ if (path == null)
+ return (null);
+
+@@ -524,10 +525,13 @@
+ */
+ public InputStream getResourceAsStream(String path) {
+
+- path = normalize(path);
+ if (path == null)
+ return (null);
+
++ path = RequestUtil.normalize(path);
++ if (path == null)
++ return null;
++
+ DirContext resources = context.getResources();
+ if (resources != null) {
+ try {
+@@ -560,7 +564,7 @@
+ (sm.getString("applicationContext.resourcePaths.iae", path));
+ }
+
+- path = normalize(path);
++ path = RequestUtil.normalize(path);
+ if (path == null)
+ return (null);
+
+@@ -870,45 +874,6 @@
+
+
+ /**
+- * Return a context-relative path, beginning with a "/", that represents
+- * the canonical version of the specified path after ".." and "." elements
+- * are resolved out. If the specified path attempts to go outside the
+- * boundaries of the current context (i.e. too many ".." path elements
+- * are present), return <code>null</code> instead.
+- *
+- * @param path Path to be normalized
+- */
+- private String normalize(String path) {
+-
+- if (path == null) {
+- return null;
+- }
+-
+- String normalized = path;
+-
+- // Normalize the slashes and add leading slash if necessary
+- if (normalized.indexOf('\\') >= 0)
+- normalized = normalized.replace('\\', '/');
+-
+- // Resolve occurrences of "/../" in the normalized path
+- while (true) {
+- int index = normalized.indexOf("/../");
+- if (index < 0)
+- break;
+- if (index == 0)
+- return (null); // Trying to go outside our context
+- int index2 = normalized.lastIndexOf('/', index - 1);
+- normalized = normalized.substring(0, index2) +
+- normalized.substring(index + 3);
+- }
+-
+- // Return the normalized path that we have completed
+- return (normalized);
+-
+- }
+-
+-
+- /**
+ * Merge the context initialization parameters specified in the application
+ * deployment descriptor with the application parameters described in the
+ * server configuration, respecting the <code>override</code> property of
+--- container/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java 2007-03-05 16:27:43.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java 2009-06-09 10:07:57.000000000 +0200
+@@ -318,10 +318,9 @@
+ int pos = requestPath.lastIndexOf('/');
+ String relative = null;
+ if (pos >= 0) {
+- relative = RequestUtil.normalize
+- (requestPath.substring(0, pos + 1) + path);
++ relative = requestPath.substring(0, pos + 1) + path;
+ } else {
+- relative = RequestUtil.normalize(requestPath + path);
++ relative = requestPath + path;
+ }
+
+ return (context.getServletContext().getRequestDispatcher(relative));
+--- container/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java 2009-06-08 17:03:55.000000000 +0200
++++ container/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java 2009-06-09 10:07:57.000000000 +0200
+@@ -1329,76 +1329,6 @@
+ resp.setStatus(WebdavStatus.SC_NO_CONTENT);
+ }
+
+- /**
+- * Return a context-relative path, beginning with a "/", that represents
+- * the canonical version of the specified path after ".." and "." elements
+- * are resolved out. If the specified path attempts to go outside the
+- * boundaries of the current context (i.e. too many ".." path elements
+- * are present), return <code>null</code> instead.
+- *
+- * @param path Path to be normalized
+- */
+- protected String normalize(String path) {
+- if (path == null) {
+- return null;
+- }
+-
+- // Create a place for the normalized path
+- String normalized = path;
+-
+- if (normalized.equals("/.")) {
+- return "/";
+- }
+-
+- // Normalize the slashes and add leading slash if necessary
+- if (normalized.indexOf('\\') >= 0) {
+- normalized = normalized.replace('\\', '/');
+- }
+-
+- if (!normalized.startsWith("/")) {
+- normalized = "/" + normalized;
+- }
+-
+- // Resolve occurrences of "//" in the normalized path
+- while (true) {
+- int index = normalized.indexOf("//");
+- if (index < 0) {
+- break;
+- }
+- normalized = normalized.substring(0, index) +
+- normalized.substring(index + 1);
+- }
+-
+- // Resolve occurrences of "/./" in the normalized path
+- while (true) {
+- int index = normalized.indexOf("/./");
+- if (index < 0) {
+- break;
+- }
+- normalized = normalized.substring(0, index) +
+- normalized.substring(index + 2);
+- }
+-
+- // Resolve occurrences of "/../" in the normalized path
+- while (true) {
+- int index = normalized.indexOf("/../");
+- if (index < 0) {
+- break;
+- }
+- if (index == 0) {
+- return (null); // Trying to go outside our context
+- }
+-
+- int index2 = normalized.lastIndexOf('/', index - 1);
+- normalized = normalized.substring(0, index2) +
+- normalized.substring(index + 3);
+- }
+-
+- // Return the normalized path that we have completed
+- return (normalized);
+- }
+-
+-
+ // -------------------------------------------------------- Private Methods
+
+ /**
+@@ -1549,7 +1479,7 @@
+ }
+
+ // Normalise destination path (remove '.' and '..')
+- destinationPath = normalize(destinationPath);
++ destinationPath = RequestUtil.normalize(destinationPath);
+
+ String contextPath = req.getContextPath();
+ if ((contextPath != null) &&
+@@ -2290,7 +2220,8 @@
+ if (!toAppend.startsWith("/"))
+ toAppend = "/" + toAppend;
+
+- generatedXML.writeText(rewriteUrl(normalize(absoluteUri + toAppend)));
++ generatedXML.writeText(rewriteUrl(RequestUtil.normalize(
++ absoluteUri + toAppend)));
+
+ generatedXML.writeElement(null, "href", XMLWriter.CLOSING);
+
+--- container/catalina/src/share/org/apache/catalina/ssi/SSIServletExternalResolver.java 2007-03-05 16:27:46.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/ssi/SSIServletExternalResolver.java 2009-06-09 10:07:57.000000000 +0200
+@@ -25,6 +25,7 @@
+ import javax.servlet.http.HttpServletRequest;
+ import javax.servlet.http.HttpServletResponse;
+ import org.apache.catalina.connector.Request;
++import org.apache.catalina.util.RequestUtil;
+ import org.apache.coyote.Constants;
+
+ /**
+@@ -366,7 +367,7 @@
+ + pathWithoutContext);
+ }
+ String fullPath = prefix + path;
+- String retVal = SSIServletRequestUtil.normalize(fullPath);
++ String retVal = RequestUtil.normalize(fullPath);
+ if (retVal == null) {
+ throw new IOException("Normalization yielded null on path: "
+ + fullPath);
+@@ -399,7 +400,7 @@
+ return new ServletContextAndPath(context,
+ getAbsolutePath(virtualPath));
+ } else {
+- String normalized = SSIServletRequestUtil.normalize(virtualPath);
++ String normalized = RequestUtil.normalize(virtualPath);
+ if (isVirtualWebappRelative) {
+ return new ServletContextAndPath(context, normalized);
+ } else {
+--- container/catalina/src/share/org/apache/catalina/ssi/SSIServletRequestUtil.java 2007-03-05 16:27:46.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/ssi/SSIServletRequestUtil.java 2009-06-09 10:07:57.000000000 +0200
+@@ -41,7 +41,7 @@
+ if ((result == null) || (result.equals(""))) {
+ result = "/";
+ }
+- return normalize(result);
++ return RequestUtil.normalize(result);
+ }
+
+
+@@ -57,15 +57,9 @@
+ *
+ * @param path
+ * Path to be normalized
++ * @deprecated
+ */
+ public static String normalize(String path) {
+- if (path == null) return null;
+- String normalized = path;
+- //Why doesn't RequestUtil do this??
+- // Normalize the slashes and add leading slash if necessary
+- if (normalized.indexOf('\\') >= 0)
+- normalized = normalized.replace('\\', '/');
+- normalized = RequestUtil.normalize(path);
+- return normalized;
++ return RequestUtil.normalize(path);
+ }
+ }
+--- container/catalina/src/share/org/apache/catalina/util/RequestUtil.java 2007-03-05 16:27:47.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/util/RequestUtil.java 2009-06-09 10:07:57.000000000 +0200
+@@ -148,6 +148,19 @@
+ * @param path Relative path to be normalized
+ */
+ public static String normalize(String path) {
++ return normalize(path, true);
++ }
++
++ /**
++ * Normalize a relative URI path that may have relative values ("/./",
++ * "/../", and so on ) it it. <strong>WARNING</strong> - This method is
++ * useful only for normalizing application-generated paths. It does not
++ * try to perform security checks for malicious input.
++ *
++ * @param path Relative path to be normalized
++ * @param replaceBackSlash Should '\\' be replaced with '/'
++ */
++ public static String normalize(String path, boolean replaceBackSlash) {
+
+ if (path == null)
+ return null;
+@@ -155,6 +168,9 @@
+ // Create a place for the normalized path
+ String normalized = path;
+
++ if (replaceBackSlash && normalized.indexOf('\\') >= 0)
++ normalized = normalized.replace('\\', '/');
++
+ if (normalized.equals("/."))
+ return "/";
+
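Review bot: In the SSIServletExternalResolver part of this patch, the `@@ -399,7 +400,7 @@` hunk passes the result of `RequestUtil.normalize(virtualPath)` straight into `new ServletContextAndPath(context, normalized)` with no null check, while the sibling call in the `@@ -366,7 +367,7 @@` hunk throws an IOException when normalization yields null. Since null appears to be how normalize rejects a path that climbs out of the context, the same guard belongs here: `if (normalized == null) throw new IOException("Normalization yielded null on path: " + virtualPath);`. The same unguarded pattern is visible in WebdavServlet at `rewriteUrl(RequestUtil.normalize(absoluteUri + toAppend))`, and the `destinationPath` call there shows no null check within the quoted lines. Separately, the Javadoc copied onto `normalize(String, boolean)` still says the method performs no security checks for malicious input, yet ApplicationContext now relies on it in getResourceAsStream and its other lookups; the comment should state the null-on-escape contract that callers must honour. The enclosing methods begin and end outside the quoted hunks.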
Added: apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0033.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0033.patch (rev 0)
+++ apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0033.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -0,0 +1,55 @@
+--- connectors/jk/java/org/apache/jk/common/ChannelNioSocket.java 2007-03-05 16:27:34.000000000 +0100
++++ connectors/jk/java/org/apache/jk/common/ChannelNioSocket.java 2009-06-09 11:02:33.000000000 +0200
+@@ -55,6 +55,7 @@
+ import org.apache.coyote.Request;
+ import org.apache.coyote.RequestGroupInfo;
+ import org.apache.coyote.RequestInfo;
++import org.apache.coyote.ActionCode;
+ import org.apache.tomcat.util.threads.ThreadPool;
+ import org.apache.tomcat.util.threads.ThreadPoolRunnable;
+
+@@ -853,6 +854,7 @@
+ status= invoke( recv, ep );
+ if( status != JkHandler.OK ) {
+ log.warn("processCallbacks status " + status );
++ ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
+ return false;
+ }
+ synchronized(this) {
+--- connectors/jk/java/org/apache/jk/common/ChannelSocket.java 2007-03-05 16:27:34.000000000 +0100
++++ connectors/jk/java/org/apache/jk/common/ChannelSocket.java 2009-06-09 11:06:06.000000000 +0200
+@@ -46,6 +46,7 @@
+ import org.apache.coyote.Request;
+ import org.apache.coyote.RequestGroupInfo;
+ import org.apache.coyote.RequestInfo;
++import org.apache.coyote.ActionCode;
+ import org.apache.tomcat.util.threads.ThreadPool;
+ import org.apache.tomcat.util.threads.ThreadPoolRunnable;
+
+@@ -703,6 +704,7 @@
+ status= this.invoke( recv, ep );
+ if( status!= JkHandler.OK ) {
+ log.warn("processCallbacks status " + status );
++ ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
+ break;
+ }
+ }
+--- connectors/jk/java/org/apache/jk/common/HandlerRequest.java 2007-03-05 16:27:35.000000000 +0100
++++ connectors/jk/java/org/apache/jk/common/HandlerRequest.java 2009-06-09 11:02:33.000000000 +0200
+@@ -265,8 +265,16 @@
+ ((Request)ep.getRequest()).unparsedURI());
+ }
+ } catch( Exception ex ) {
++ /* If we are here it is because we have a bad header or something like that */
+ log.error( "Error decoding request ", ex );
+ msg.dump( "Incomming message");
++ Response res=ep.getRequest().getResponse();
++ if ( res==null ) {
++ res=new Response();
++ ep.getRequest().setResponse(res);
++ }
++ res.setMessage("Bad Request");
++ res.setStatus(400);
+ return ERROR;
+ }
+
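Review bot: The added `ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());` in ChannelNioSocket and ChannelSocket dereferences `ep.getRequest()` on the error path without a null check, whereas the HandlerRequest change in the same patch takes care to create a response when one is missing. If `invoke` can return a non-OK status before a request has been attached to the context (not visible in these hunks), the close would throw instead of running and the cleanup this fix depends on would be skipped. A guarded form such as `Request req = ep.getRequest(); if (req != null) ep.action(ActionCode.ACTION_CLOSE, req.getResponse());` keeps the close best-effort. In HandlerRequest the new 400 status is set for every `Exception` caught by that handler, so failures unrelated to malformed input would also be reported as Bad Request. The enclosing methods start and end outside the hunks.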
Added: apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0580.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0580.patch (rev 0)
+++ apache-tomcat/5.5.23.patch07-brew/src/tomcat5-5.5.23-CVE-2009-0580.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -0,0 +1,41 @@
+--- container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java 2007-03-05 16:27:44.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java 2009-06-09 18:37:04.000000000 +0200
+@@ -270,8 +270,9 @@
+ */
+ public Principal authenticate(String username, String credentials) {
+
+- // No user - can't possibly authenticate, don't bother the database then
+- if (username == null) {
++ // No user or no credentials
++ // Can't possibly authenticate, don't bother the database then
++ if (username == null || credentials == null) {
+ return null;
+ }
+
+--- container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java 2007-03-05 16:27:44.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java 2009-06-09 18:37:04.000000000 +0200
+@@ -392,9 +392,10 @@
+ String username,
+ String credentials) {
+
+- // No user - can't possibly authenticate
+- if (username == null) {
+- return (null);
++ // No user or no credentials
++ // Can't possibly authenticate, don't bother the database then
++ if (username == null || credentials == null) {
++ return null;
+ }
+
+ // Look up the user's credentials
+--- container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java 2007-03-05 16:27:44.000000000 +0100
++++ container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java 2009-06-09 18:37:04.000000000 +0200
+@@ -147,7 +147,7 @@
+ (GenericPrincipal) principals.get(username);
+
+ boolean validated = false;
+- if (principal != null) {
++ if (principal != null && credentials != null) {
+ if (hasMessageDigest()) {
+ // Hex hashes should be compared case-insensitive
+ validated = (digest(credentials)
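Review bot: The new `credentials == null` early returns in DataSourceRealm and JDBCRealm exit with `return null` before any lookup, and no log call is visible on that path, so a login attempt that arrives without a password may leave no trace for whoever monitors authentication failures. If these realms log failed authentications further down (outside the hunks), consider emitting the same message here, or at least a debug-level line that names the user and realm but never the credentials. MemoryRealm instead folds the check into `if (principal != null && credentials != null)` and falls through with `validated = false`, which presumably reaches its normal failure handling; making the three realms behave the same way would keep the audit trail consistent. The authenticate bodies continue outside these hunks.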
Deleted: apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2008-5515.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2008-5515.patch 2009-07-08 09:20:14 UTC (rev 27654)
+++ apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2008-5515.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -1,315 +0,0 @@
---- container/catalina/src/share/org/apache/catalina/connector/Request.java 2009-06-08 17:03:56.000000000 +0200
-+++ container/catalina/src/share/org/apache/catalina/connector/Request.java 2009-06-09 10:07:57.000000000 +0200
-@@ -1243,10 +1243,9 @@
- int pos = requestPath.lastIndexOf('/');
- String relative = null;
- if (pos >= 0) {
-- relative = RequestUtil.normalize
-- (requestPath.substring(0, pos + 1) + path);
-+ relative = requestPath.substring(0, pos + 1) + path;
- } else {
-- relative = RequestUtil.normalize(requestPath + path);
-+ relative = requestPath + path;
- }
-
- return (context.getServletContext().getRequestDispatcher(relative));
---- container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java 2009-06-08 17:03:56.000000000 +0200
-+++ container/catalina/src/share/org/apache/catalina/core/ApplicationContext.java 2009-06-09 10:27:18.000000000 +0200
-@@ -43,6 +43,7 @@
- import org.apache.catalina.Wrapper;
- import org.apache.catalina.deploy.ApplicationParameter;
- import org.apache.catalina.util.Enumerator;
-+import org.apache.catalina.util.RequestUtil;
- import org.apache.catalina.util.ResourceSet;
- import org.apache.catalina.util.ServerInfo;
- import org.apache.catalina.util.StringManager;
-@@ -388,7 +389,7 @@
- path = path.substring(0, pos);
- }
-
-- path = normalize(path);
-+ path = RequestUtil.normalize(path);
- if (path == null)
- return (null);
-
-@@ -475,7 +476,7 @@
- throw new MalformedURLException(sm.getString("applicationContext.requestDispatcher.iae", path));
- }
-
-- path = normalize(path);
-+ path = RequestUtil.normalize(path);
- if (path == null)
- return (null);
-
-@@ -524,10 +525,13 @@
- */
- public InputStream getResourceAsStream(String path) {
-
-- path = normalize(path);
- if (path == null)
- return (null);
-
-+ path = RequestUtil.normalize(path);
-+ if (path == null)
-+ return null;
-+
- DirContext resources = context.getResources();
- if (resources != null) {
- try {
-@@ -560,7 +564,7 @@
- (sm.getString("applicationContext.resourcePaths.iae", path));
- }
-
-- path = normalize(path);
-+ path = RequestUtil.normalize(path);
- if (path == null)
- return (null);
-
-@@ -870,45 +874,6 @@
-
-
- /**
-- * Return a context-relative path, beginning with a "/", that represents
-- * the canonical version of the specified path after ".." and "." elements
-- * are resolved out. If the specified path attempts to go outside the
-- * boundaries of the current context (i.e. too many ".." path elements
-- * are present), return <code>null</code> instead.
-- *
-- * @param path Path to be normalized
-- */
-- private String normalize(String path) {
--
-- if (path == null) {
-- return null;
-- }
--
-- String normalized = path;
--
-- // Normalize the slashes and add leading slash if necessary
-- if (normalized.indexOf('\\') >= 0)
-- normalized = normalized.replace('\\', '/');
--
-- // Resolve occurrences of "/../" in the normalized path
-- while (true) {
-- int index = normalized.indexOf("/../");
-- if (index < 0)
-- break;
-- if (index == 0)
-- return (null); // Trying to go outside our context
-- int index2 = normalized.lastIndexOf('/', index - 1);
-- normalized = normalized.substring(0, index2) +
-- normalized.substring(index + 3);
-- }
--
-- // Return the normalized path that we have completed
-- return (normalized);
--
-- }
--
--
-- /**
- * Merge the context initialization parameters specified in the application
- * deployment descriptor with the application parameters described in the
- * server configuration, respecting the <code>override</code> property of
---- container/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java 2007-03-05 16:27:43.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/core/ApplicationHttpRequest.java 2009-06-09 10:07:57.000000000 +0200
-@@ -318,10 +318,9 @@
- int pos = requestPath.lastIndexOf('/');
- String relative = null;
- if (pos >= 0) {
-- relative = RequestUtil.normalize
-- (requestPath.substring(0, pos + 1) + path);
-+ relative = requestPath.substring(0, pos + 1) + path;
- } else {
-- relative = RequestUtil.normalize(requestPath + path);
-+ relative = requestPath + path;
- }
-
- return (context.getServletContext().getRequestDispatcher(relative));
---- container/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java 2009-06-08 17:03:55.000000000 +0200
-+++ container/catalina/src/share/org/apache/catalina/servlets/WebdavServlet.java 2009-06-09 10:07:57.000000000 +0200
-@@ -1329,76 +1329,6 @@
- resp.setStatus(WebdavStatus.SC_NO_CONTENT);
- }
-
-- /**
-- * Return a context-relative path, beginning with a "/", that represents
-- * the canonical version of the specified path after ".." and "." elements
-- * are resolved out. If the specified path attempts to go outside the
-- * boundaries of the current context (i.e. too many ".." path elements
-- * are present), return <code>null</code> instead.
-- *
-- * @param path Path to be normalized
-- */
-- protected String normalize(String path) {
-- if (path == null) {
-- return null;
-- }
--
-- // Create a place for the normalized path
-- String normalized = path;
--
-- if (normalized.equals("/.")) {
-- return "/";
-- }
--
-- // Normalize the slashes and add leading slash if necessary
-- if (normalized.indexOf('\\') >= 0) {
-- normalized = normalized.replace('\\', '/');
-- }
--
-- if (!normalized.startsWith("/")) {
-- normalized = "/" + normalized;
-- }
--
-- // Resolve occurrences of "//" in the normalized path
-- while (true) {
-- int index = normalized.indexOf("//");
-- if (index < 0) {
-- break;
-- }
-- normalized = normalized.substring(0, index) +
-- normalized.substring(index + 1);
-- }
--
-- // Resolve occurrences of "/./" in the normalized path
-- while (true) {
-- int index = normalized.indexOf("/./");
-- if (index < 0) {
-- break;
-- }
-- normalized = normalized.substring(0, index) +
-- normalized.substring(index + 2);
-- }
--
-- // Resolve occurrences of "/../" in the normalized path
-- while (true) {
-- int index = normalized.indexOf("/../");
-- if (index < 0) {
-- break;
-- }
-- if (index == 0) {
-- return (null); // Trying to go outside our context
-- }
--
-- int index2 = normalized.lastIndexOf('/', index - 1);
-- normalized = normalized.substring(0, index2) +
-- normalized.substring(index + 3);
-- }
--
-- // Return the normalized path that we have completed
-- return (normalized);
-- }
--
--
- // -------------------------------------------------------- Private Methods
-
- /**
-@@ -1549,7 +1479,7 @@
- }
-
- // Normalise destination path (remove '.' and '..')
-- destinationPath = normalize(destinationPath);
-+ destinationPath = RequestUtil.normalize(destinationPath);
-
- String contextPath = req.getContextPath();
- if ((contextPath != null) &&
-@@ -2290,7 +2220,8 @@
- if (!toAppend.startsWith("/"))
- toAppend = "/" + toAppend;
-
-- generatedXML.writeText(rewriteUrl(normalize(absoluteUri + toAppend)));
-+ generatedXML.writeText(rewriteUrl(RequestUtil.normalize(
-+ absoluteUri + toAppend)));
-
- generatedXML.writeElement(null, "href", XMLWriter.CLOSING);
-
---- container/catalina/src/share/org/apache/catalina/ssi/SSIServletExternalResolver.java 2007-03-05 16:27:46.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/ssi/SSIServletExternalResolver.java 2009-06-09 10:07:57.000000000 +0200
-@@ -25,6 +25,7 @@
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import org.apache.catalina.connector.Request;
-+import org.apache.catalina.util.RequestUtil;
- import org.apache.coyote.Constants;
-
- /**
-@@ -366,7 +367,7 @@
- + pathWithoutContext);
- }
- String fullPath = prefix + path;
-- String retVal = SSIServletRequestUtil.normalize(fullPath);
-+ String retVal = RequestUtil.normalize(fullPath);
- if (retVal == null) {
- throw new IOException("Normalization yielded null on path: "
- + fullPath);
-@@ -399,7 +400,7 @@
- return new ServletContextAndPath(context,
- getAbsolutePath(virtualPath));
- } else {
-- String normalized = SSIServletRequestUtil.normalize(virtualPath);
-+ String normalized = RequestUtil.normalize(virtualPath);
- if (isVirtualWebappRelative) {
- return new ServletContextAndPath(context, normalized);
- } else {
---- container/catalina/src/share/org/apache/catalina/ssi/SSIServletRequestUtil.java 2007-03-05 16:27:46.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/ssi/SSIServletRequestUtil.java 2009-06-09 10:07:57.000000000 +0200
-@@ -41,7 +41,7 @@
- if ((result == null) || (result.equals(""))) {
- result = "/";
- }
-- return normalize(result);
-+ return RequestUtil.normalize(result);
- }
-
-
-@@ -57,15 +57,9 @@
- *
- * @param path
- * Path to be normalized
-+ * @deprecated
- */
- public static String normalize(String path) {
-- if (path == null) return null;
-- String normalized = path;
-- //Why doesn't RequestUtil do this??
-- // Normalize the slashes and add leading slash if necessary
-- if (normalized.indexOf('\\') >= 0)
-- normalized = normalized.replace('\\', '/');
-- normalized = RequestUtil.normalize(path);
-- return normalized;
-+ return RequestUtil.normalize(path);
- }
- }
---- container/catalina/src/share/org/apache/catalina/util/RequestUtil.java 2007-03-05 16:27:47.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/util/RequestUtil.java 2009-06-09 10:07:57.000000000 +0200
-@@ -148,6 +148,19 @@
- * @param path Relative path to be normalized
- */
- public static String normalize(String path) {
-+ return normalize(path, true);
-+ }
-+
-+ /**
-+ * Normalize a relative URI path that may have relative values ("/./",
-+ * "/../", and so on ) it it. <strong>WARNING</strong> - This method is
-+ * useful only for normalizing application-generated paths. It does not
-+ * try to perform security checks for malicious input.
-+ *
-+ * @param path Relative path to be normalized
-+ * @param replaceBackSlash Should '\\' be replaced with '/'
-+ */
-+ public static String normalize(String path, boolean replaceBackSlash) {
-
- if (path == null)
- return null;
-@@ -155,6 +168,9 @@
- // Create a place for the normalized path
- String normalized = path;
-
-+ if (replaceBackSlash && normalized.indexOf('\\') >= 0)
-+ normalized = normalized.replace('\\', '/');
-+
- if (normalized.equals("/."))
- return "/";
-
Deleted: apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0033.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0033.patch 2009-07-08 09:20:14 UTC (rev 27654)
+++ apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0033.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -1,55 +0,0 @@
---- connectors/jk/java/org/apache/jk/common/ChannelNioSocket.java 2007-03-05 16:27:34.000000000 +0100
-+++ connectors/jk/java/org/apache/jk/common/ChannelNioSocket.java 2009-06-09 11:02:33.000000000 +0200
-@@ -55,6 +55,7 @@
- import org.apache.coyote.Request;
- import org.apache.coyote.RequestGroupInfo;
- import org.apache.coyote.RequestInfo;
-+import org.apache.coyote.ActionCode;
- import org.apache.tomcat.util.threads.ThreadPool;
- import org.apache.tomcat.util.threads.ThreadPoolRunnable;
-
-@@ -853,6 +854,7 @@
- status= invoke( recv, ep );
- if( status != JkHandler.OK ) {
- log.warn("processCallbacks status " + status );
-+ ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
- return false;
- }
- synchronized(this) {
---- connectors/jk/java/org/apache/jk/common/ChannelSocket.java 2007-03-05 16:27:34.000000000 +0100
-+++ connectors/jk/java/org/apache/jk/common/ChannelSocket.java 2009-06-09 11:06:06.000000000 +0200
-@@ -46,6 +46,7 @@
- import org.apache.coyote.Request;
- import org.apache.coyote.RequestGroupInfo;
- import org.apache.coyote.RequestInfo;
-+import org.apache.coyote.ActionCode;
- import org.apache.tomcat.util.threads.ThreadPool;
- import org.apache.tomcat.util.threads.ThreadPoolRunnable;
-
-@@ -703,6 +704,7 @@
- status= this.invoke( recv, ep );
- if( status!= JkHandler.OK ) {
- log.warn("processCallbacks status " + status );
-+ ep.action(ActionCode.ACTION_CLOSE, ep.getRequest().getResponse());
- break;
- }
- }
---- connectors/jk/java/org/apache/jk/common/HandlerRequest.java 2007-03-05 16:27:35.000000000 +0100
-+++ connectors/jk/java/org/apache/jk/common/HandlerRequest.java 2009-06-09 11:02:33.000000000 +0200
-@@ -265,8 +265,16 @@
- ((Request)ep.getRequest()).unparsedURI());
- }
- } catch( Exception ex ) {
-+ /* If we are here it is because we have a bad header or something like that */
- log.error( "Error decoding request ", ex );
- msg.dump( "Incomming message");
-+ Response res=ep.getRequest().getResponse();
-+ if ( res==null ) {
-+ res=new Response();
-+ ep.getRequest().setResponse(res);
-+ }
-+ res.setMessage("Bad Request");
-+ res.setStatus(400);
- return ERROR;
- }
-
Deleted: apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0580.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0580.patch 2009-07-08 09:20:14 UTC (rev 27654)
+++ apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0580.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -1,41 +0,0 @@
---- container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java 2007-03-05 16:27:44.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/realm/DataSourceRealm.java 2009-06-09 18:37:04.000000000 +0200
-@@ -270,8 +270,9 @@
- */
- public Principal authenticate(String username, String credentials) {
-
-- // No user - can't possibly authenticate, don't bother the database then
-- if (username == null) {
-+ // No user or no credentials
-+ // Can't possibly authenticate, don't bother the database then
-+ if (username == null || credentials == null) {
- return null;
- }
-
---- container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java 2007-03-05 16:27:44.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java 2009-06-09 18:37:04.000000000 +0200
-@@ -392,9 +392,10 @@
- String username,
- String credentials) {
-
-- // No user - can't possibly authenticate
-- if (username == null) {
-- return (null);
-+ // No user or no credentials
-+ // Can't possibly authenticate, don't bother the database then
-+ if (username == null || credentials == null) {
-+ return null;
- }
-
- // Look up the user's credentials
---- container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java 2007-03-05 16:27:44.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/realm/MemoryRealm.java 2009-06-09 18:37:04.000000000 +0200
-@@ -147,7 +147,7 @@
- (GenericPrincipal) principals.get(username);
-
- boolean validated = false;
-- if (principal != null) {
-+ if (principal != null && credentials != null) {
- if (hasMessageDigest()) {
- // Hex hashes should be compared case-insensitive
- validated = (digest(credentials)
Deleted: apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0783.patch
===================================================================
--- apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0783.patch 2009-07-08 09:20:14 UTC (rev 27654)
+++ apache-tomcat/5.5.23.patch07-brew/tomcat5-5.5.23-CVE-2009-0783.patch 2009-07-08 21:59:09 UTC (rev 27655)
@@ -1,245 +0,0 @@
---- container/catalina/src/share/org/apache/catalina/core/StandardContext.java 2009-06-08 17:03:55.000000000 +0200
-+++ container/catalina/src/share/org/apache/catalina/core/StandardContext.java 2009-06-10 10:21:36.000000000 +0200
-@@ -4142,10 +4142,6 @@
- ((Lifecycle) pipeline).start();
- }
-
-- if(getProcessTlds()) {
-- processTlds();
-- }
--
- // Notify our interested LifecycleListeners
- lifecycle.fireLifecycleEvent(START_EVENT, null);
-
-@@ -4278,40 +4274,6 @@
-
- //cacheContext();
- }
--
-- /**
-- * Processes TLDs.
-- *
-- * @throws LifecycleException If an error occurs
-- */
-- protected void processTlds() throws LifecycleException {
-- TldConfig tldConfig = new TldConfig();
-- tldConfig.setContext(this);
--
-- // (1) check if the attribute has been defined
-- // on the context element.
-- tldConfig.setTldValidation(tldValidation);
-- tldConfig.setTldNamespaceAware(tldNamespaceAware);
--
-- // (2) if the attribute wasn't defined on the context
-- // try the host.
-- if (!tldValidation) {
-- tldConfig.setTldValidation
-- (((StandardHost) getParent()).getXmlValidation());
-- }
--
-- if (!tldNamespaceAware) {
-- tldConfig.setTldNamespaceAware
-- (((StandardHost) getParent()).getXmlNamespaceAware());
-- }
--
-- try {
-- tldConfig.execute();
-- } catch (Exception ex) {
-- log.error("Error reading tld listeners "
-- + ex.toString(), ex);
-- }
-- }
-
- /**
- * Stop this Context component.
-@@ -5069,6 +5031,11 @@
- return;
- }
- }
-+
-+ if (processTlds)
-+ {
-+ this.addLifecycleListener(new TldConfig());
-+ }
- super.init();
-
- // Notify our interested LifecycleListeners
---- container/catalina/src/share/org/apache/catalina/startup/ContextConfig.java 2007-03-05 16:27:46.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/startup/ContextConfig.java 2009-06-10 10:40:16.000000000 +0200
-@@ -322,10 +322,6 @@
-
- long t1=System.currentTimeMillis();
-
-- if (webDigester == null){
-- webDigester = createWebDigester();
-- }
--
- URL url=null;
- // Process the application web.xml file
- synchronized (webDigester) {
-@@ -606,10 +602,6 @@
- + " " + defaultWebXml + " " + file , e);
- }
-
-- if (webDigester == null){
-- webDigester = createWebDigester();
-- }
--
- if (stream != null) {
- processDefaultWebConfig(webDigester, stream, source);
- webRuleSet.recycle();
-@@ -768,9 +760,6 @@
-
- if (source == null)
- return;
-- if (contextDigester == null){
-- contextDigester = createContextDigester();
-- }
- synchronized (contextDigester) {
- try {
- source.setByteStream(stream);
-@@ -979,6 +968,16 @@
- protected void init() {
- // Called from StandardContext.init()
-
-+ if (webDigester == null){
-+ webDigester = createWebDigester();
-+ webDigester.getParser();
-+ }
-+
-+ if (contextDigester == null){
-+ contextDigester = createContextDigester();
-+ contextDigester.getParser();
-+ }
-+
- if (log.isDebugEnabled())
- log.debug(sm.getString("contextConfig.init"));
- context.setConfigured(false);
-+++ container/catalina/src/share/org/apache/catalina/startup/LocalStrings.properties 2009-06-10 10:15:31.000000000 +0200
-@@ -72,6 +72,8 @@
- hostConfig.undeploy=Undeploying context [{0}]
- hostConfig.undeploy.error=Error undeploying web application at context path {0}
- hostConfig.undeploying=Undeploying deployed web applications
-+tldConfig.cce=Lifecycle event data object {0} is not a Context
-+tldConfig.execute=Error processing TLD files for context path {0}
- userConfig.database=Exception loading user database
- userConfig.deploy=Deploying web application for user {0}
- userConfig.deploying=Deploying user web applications
---- container/catalina/src/share/org/apache/catalina/startup/TldConfig.java 2007-03-05 16:27:46.000000000 +0100
-+++ container/catalina/src/share/org/apache/catalina/startup/TldConfig.java 2009-06-10 10:06:53.000000000 +0200
-@@ -47,20 +47,25 @@
-
- import org.apache.catalina.Context;
- import org.apache.catalina.Globals;
-+import org.apache.catalina.Lifecycle;
-+import org.apache.catalina.LifecycleEvent;
-+import org.apache.catalina.LifecycleListener;
- import org.apache.catalina.core.StandardContext;
-+import org.apache.catalina.core.StandardHost;
- import org.apache.catalina.util.StringManager;
- import org.apache.tomcat.util.digester.Digester;
- import org.xml.sax.InputSource;
-
- /**
-- * Startup event listener for a <b>Context</b> that configures the properties
-- * of that Context, and the associated defined servlets.
-+* Startup event listener for a <b>Context</b> that configures application
-+* listeners configured in any TLD files.
- *
- * @author Craig R. McClanahan
- * @author Jean-Francois Arcand
- * @author Costin Manolache
- */
--public final class TldConfig {
-+public final class TldConfig implements LifecycleListener
-+{
-
- // Names of JARs that are known not to contain any TLDs
- private static HashSet noTldJars;
-@@ -400,20 +405,6 @@
- }
-
- /**
-- * Create (if necessary) and return a Digester configured to process a tag
-- * library descriptor, looking for additional listener classes to be
-- * registered.
-- */
-- private static Digester createTldDigester() {
--
-- return DigesterFactory.newDigester(tldValidation,
-- tldNamespaceAware,
-- new TldRuleSet());
--
-- }
--
--
-- /**
- * Scan the JAR file at the specified resource path for TLDs in the
- * <code>META-INF</code> subdirectory, and scan each TLD for application
- * event listeners that need to be registered.
-@@ -504,10 +495,6 @@
- */
- private void tldScanStream(InputSource resourceStream)
- throws Exception {
--
-- if (tldDigester == null){
-- tldDigester = createTldDigester();
-- }
-
- synchronized (tldDigester) {
- try {
-@@ -722,4 +709,53 @@
-
- return jarPathMap;
- }
--}
-+
-+
-+ public void lifecycleEvent(LifecycleEvent event) {
-+ // Identify the context we are associated with
-+ try {
-+ context = (Context) event.getLifecycle();
-+ } catch (ClassCastException e) {
-+ log.error(sm.getString("tldConfig.cce", event.getLifecycle()), e);
-+ return;
-+ }
-+
-+ if (event.getType().equals(Lifecycle.INIT_EVENT)) {
-+ init();
-+ } else if (event.getType().equals(Lifecycle.START_EVENT)) {
-+ try {
-+ execute();
-+ } catch (Exception e) {
-+ log.error(sm.getString(
-+ "tldConfig.execute", context.getPath()), e);
-+ }
-+ } // Ignore the other event types - nothing to do
-+ }
-+
-+ private void init() {
-+ if (tldDigester == null){
-+ // (1) check if the attribute has been defined
-+ // on the context element.
-+ setTldValidation(context.getTldValidation());
-+ setTldNamespaceAware(context.getTldNamespaceAware());
-+
-+ // (2) if the attribute wasn't defined on the context
-+ // try the host.
-+ if (!tldValidation) {
-+ setTldValidation(
-+ ((StandardHost) context.getParent()).getXmlValidation());
-+ }
-+
-+ if (!tldNamespaceAware) {
-+ setTldNamespaceAware(
-+ ((StandardHost) context.getParent()).getXmlNamespaceAware());
-+ }
-+
-+ tldDigester = DigesterFactory.newDigester(tldValidation,
-+ tldNamespaceAware,
-+ new TldRuleSet());
-+ tldDigester.getParser();
-+
-+ }
-+ }
-+ }
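Review bot: The CVE-2009-0783 patch is deleted here without a relocated copy. The revision's Added list carries the CVE-2008-5515, CVE-2009-0033 and CVE-2009-0580 patches under `src/`, but not this one, and the log message (`Reupload 5.5.23.patch07-brew`) does not explain the difference. The deleted file holds the StandardContext, ContextConfig and TldConfig changes that create the web, context and TLD digesters in `init()`. Whether the rebuilt jars in this revision still contain that change cannot be told from the diff. Either add the patch under `src/` alongside the other three, or state in the log message that the fix was dropped or superseded, so that the patch set stays auditable against the shipped binaries.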