You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/03/08 16:46:29 UTC
[tomcat] branch 8.5.x updated (3778312 -> 1083bce)
This is an automated email from the ASF dual-hosted git repository.
markt pushed a change to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git.
from 3778312 Improve comments. Remove unnecessary code.
new b3e76d3 Fix potential concurrency issue.
new 1083bce Revert "Temporary workaround for broken DigiCert ONE REST API"
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
build.properties.default | 12 ++----------
build.xml | 2 --
java/org/apache/coyote/http11/Http11Processor.java | 4 ++--
webapps/docs/changelog.xml | 5 +++++
4 files changed, 9 insertions(+), 14 deletions(-)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 02/02: Revert "Temporary workaround for broken DigiCert ONE REST API"
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 1083bce76d6b6bff26fd388dfc3933ef18ea48c9
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Mar 8 16:42:46 2022 +0000
Revert "Temporary workaround for broken DigiCert ONE REST API"
This reverts commit 7c54e369e87f1eedd50e42f895c2b0cd058e30b8.
---
build.properties.default | 12 ++----------
build.xml | 2 --
2 files changed, 2 insertions(+), 12 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index fd4ed58..64cb22e 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -84,19 +84,11 @@ gpg.exec=/path/to/gpg
# Code signing of Windows installer
# See https://infra.apache.org/digicert-use.html for setup instructions
do.codesigning=false
-#codesigning.alias=Tomcat-PMC-cert-2021-11
+codesigning.alias=Tomcat-PMC-cert-2021-11
codesigning.digest=SHA-512
-#codesigning.storetype=DIGICERTONE
+codesigning.storetype=DIGICERTONE
# Set codesigning.storepass in build.properties with the following syntax
#codesigning.storepass=<api-key>|/path/to/Certificate_pkcs12.p12|<password>
-# Once DigiCert fix the broken REST API
-# - Uncomment alias & storetype above
-# - Remove the four lines below
-# - Remove the keystore field from build.xml
-codesigning.keystore=${user.home}/.digicertone/pkcs11properties.cfg
-codesigning.storepass=NONE
-codesigning.storetype=PKCS11
-codesigning.alias=Tomcat-PMC-key-2021-11
# ----- Settings to use when downloading files -----
trydownload.httpusecaches=true
diff --git a/build.xml b/build.xml
index 39a8b32..8427711 100644
--- a/build.xml
+++ b/build.xml
@@ -2186,7 +2186,6 @@ skip.installer property in build.properties" />
unless="skip.installer" depends="-installer-create-uninstaller,setup-jsign"
if="${do.codesigning}">
<jsign file="${tomcat.dist}/Uninstall.exe"
- keystore="${codesigning.keystore}"
storepass="${codesigning.storepass}"
storetype="${codesigning.storetype}"
alias="${codesigning.alias}"
@@ -2215,7 +2214,6 @@ skip.installer property in build.properties" />
description="Builds and optionally signs the Windows installer"
depends="-installer,setup-jsign" if="${do.codesigning}" >
<jsign file="${tomcat.release}/v${version}/bin/${final.name}.exe"
- keystore="${codesigning.keystore}"
storepass="${codesigning.storepass}"
storetype="${codesigning.storetype}"
alias="${codesigning.alias}"
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[tomcat] 01/02: Fix potential concurrency issue.
Posted by ma...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit b3e76d3cdb5aab462df1d51b8048ff63829eebd1
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Mar 8 16:27:03 2022 +0000
Fix potential concurrency issue.
If the request is split across multiple packets and those packets are
processed in rapid succession then it is possible that subsequent
packets see the wrong value for readComplete and register the socket for
a further read rather than processing the request.
---
java/org/apache/coyote/http11/Http11Processor.java | 4 ++--
webapps/docs/changelog.xml | 5 +++++
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index 6751f74..eafd286 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -112,13 +112,13 @@ public class Http11Processor extends AbstractProcessor {
* Flag used to indicate that the socket should be kept open (e.g. for keep
* alive or send file.
*/
- protected boolean openSocket = false;
+ protected volatile boolean openSocket = false;
/**
* Flag that indicates if the request headers have been completely read.
*/
- protected boolean readComplete = true;
+ protected volatile boolean readComplete = true;
/**
* HTTP/1.1 flag.
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4e0c0b5..d50cfa0 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -127,6 +127,11 @@
when user code was doing sequential operations in a single thread.
Test case code submitted by Istvan Szekely. (remm)
</fix>
+ <fix>
+ Fix potential thread-safety issue that could cause HTTP/1.1 request
+ processing to wait, and potentially timeout, waiting for additional
+ data when the full request has been received. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org