You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by gg...@apache.org on 2022/03/03 15:13:30 UTC
[logging-log4j2] branch release-2.x updated: [LOG4J2-3423] JAR file containing Log4j configuration isn't closed.
This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new e652dc3 [LOG4J2-3423] JAR file containing Log4j configuration isn't closed.
e652dc3 is described below
commit e652dc36b629ee8355c68fe6546928f907f79301
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Thu Mar 3 10:13:23 2022 -0500
[LOG4J2-3423] JAR file containing Log4j configuration isn't closed.
---
.../org/apache/log4j/PropertyConfigurator.java | 1 +
.../java/org/apache/log4j/xml/DOMConfigurator.java | 3 +-
.../log4j/core/config/ConfigurationSource.java | 2 ++
.../log4j/core/net/UrlConnectionFactory.java | 32 ++++++++++++----------
.../log4j/core/selector/TestClassLoader.java | 8 ++++--
.../boot/Log4j2CloudConfigLoggingSystem.java | 2 ++
src/changes/changes.xml | 3 ++
7 files changed, 32 insertions(+), 19 deletions(-)
diff --git a/log4j-1.2-api/src/main/java/org/apache/log4j/PropertyConfigurator.java b/log4j-1.2-api/src/main/java/org/apache/log4j/PropertyConfigurator.java
index 483096e..348646a 100644
--- a/log4j-1.2-api/src/main/java/org/apache/log4j/PropertyConfigurator.java
+++ b/log4j-1.2-api/src/main/java/org/apache/log4j/PropertyConfigurator.java
@@ -382,6 +382,7 @@ public class PropertyConfigurator implements Configurator {
LogLog.debug("Reading configuration from URL " + url);
try {
final URLConnection urlConnection = url.openConnection();
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
urlConnection.setUseCaches(false);
try (InputStream inputStream = urlConnection.getInputStream()) {
return doConfigure(inputStream, loggerRepository, classLoader);
diff --git a/log4j-1.2-api/src/main/java/org/apache/log4j/xml/DOMConfigurator.java b/log4j-1.2-api/src/main/java/org/apache/log4j/xml/DOMConfigurator.java
index e751653..e5adf60 100644
--- a/log4j-1.2-api/src/main/java/org/apache/log4j/xml/DOMConfigurator.java
+++ b/log4j-1.2-api/src/main/java/org/apache/log4j/xml/DOMConfigurator.java
@@ -145,7 +145,8 @@ public class DOMConfigurator {
public void doConfigure(final URL url, final LoggerRepository repository) {
try {
final URLConnection connection = url.openConnection();
- connection.setUseCaches(false); // Otherwise, a "jar:" URL file remains open after the stream is closed.
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ connection.setUseCaches(false);
try (InputStream inputStream = connection.getInputStream()) {
doConfigure(new ConfigurationSource(inputStream, url));
}
diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/config/ConfigurationSource.java b/log4j-core/src/main/java/org/apache/logging/log4j/core/config/ConfigurationSource.java
index b0a68da..8f53066 100644
--- a/log4j-core/src/main/java/org/apache/logging/log4j/core/config/ConfigurationSource.java
+++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/config/ConfigurationSource.java
@@ -369,6 +369,8 @@ public class ConfigurationSource {
private static ConfigurationSource getConfigurationSource(URL url) {
try {
URLConnection urlConnection = url.openConnection();
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ urlConnection.setUseCaches(false);
AuthorizationProvider provider = ConfigurationFactory.authorizationProvider(PropertiesUtil.getProperties());
provider.addAuthorization(urlConnection);
if (url.getProtocol().equals(HTTPS)) {
diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/UrlConnectionFactory.java b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/UrlConnectionFactory.java
index e813170..83151f7 100644
--- a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/UrlConnectionFactory.java
+++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/UrlConnectionFactory.java
@@ -24,8 +24,7 @@ import java.net.URLConnection;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
-import java.util.Properties;
-import java.util.Set;
+
import javax.net.ssl.HttpsURLConnection;
import org.apache.logging.log4j.core.config.ConfigurationFactory;
@@ -33,7 +32,6 @@ import org.apache.logging.log4j.core.net.ssl.LaxHostnameVerifier;
import org.apache.logging.log4j.core.net.ssl.SslConfiguration;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationFactory;
import org.apache.logging.log4j.core.util.AuthorizationProvider;
-import org.apache.logging.log4j.core.util.BasicAuthorizationProvider;
import org.apache.logging.log4j.util.PropertiesUtil;
import org.apache.logging.log4j.util.Strings;
@@ -54,15 +52,15 @@ public class UrlConnectionFactory {
private static final String NO_PROTOCOLS = "_none";
public static final String ALLOWED_PROTOCOLS = "log4j2.Configuration.allowedProtocols";
- public static HttpURLConnection createConnection(URL url, long lastModifiedMillis, SslConfiguration sslConfiguration)
+ public static HttpURLConnection createConnection(final URL url, final long lastModifiedMillis, final SslConfiguration sslConfiguration)
throws IOException {
- PropertiesUtil props = PropertiesUtil.getProperties();
- List<String> allowed = Arrays.asList(Strings.splitList(props
+ final PropertiesUtil props = PropertiesUtil.getProperties();
+ final List<String> allowed = Arrays.asList(Strings.splitList(props
.getStringProperty(ALLOWED_PROTOCOLS, HTTPS).toLowerCase(Locale.ROOT)));
if (allowed.size() == 1 && NO_PROTOCOLS.equals(allowed.get(0))) {
throw new ProtocolException("No external protocols have been enabled");
}
- String protocol = url.getProtocol();
+ final String protocol = url.getProtocol();
if (protocol == null) {
throw new ProtocolException("No protocol was specified on " + url.toString());
}
@@ -71,7 +69,7 @@ public class UrlConnectionFactory {
}
final HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
- AuthorizationProvider provider = ConfigurationFactory.authorizationProvider(props);
+ final AuthorizationProvider provider = ConfigurationFactory.authorizationProvider(props);
if (provider != null) {
provider.addAuthorization(urlConnection);
}
@@ -79,15 +77,17 @@ public class UrlConnectionFactory {
urlConnection.setDoOutput(true);
urlConnection.setDoInput(true);
urlConnection.setRequestMethod("GET");
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ urlConnection.setUseCaches(false);
if (connectTimeoutMillis > 0) {
urlConnection.setConnectTimeout(connectTimeoutMillis);
}
if (readTimeoutMillis > 0) {
urlConnection.setReadTimeout(readTimeoutMillis);
}
- String[] fileParts = url.getFile().split("\\.");
- String type = fileParts[fileParts.length - 1].trim();
- String contentType = isXml(type) ? XML : isJson(type) ? JSON : isProperties(type) ? PROPERTIES : TEXT;
+ final String[] fileParts = url.getFile().split("\\.");
+ final String type = fileParts[fileParts.length - 1].trim();
+ final String contentType = isXml(type) ? XML : isJson(type) ? JSON : isProperties(type) ? PROPERTIES : TEXT;
urlConnection.setRequestProperty("Content-Type", contentType);
if (lastModifiedMillis > 0) {
urlConnection.setIfModifiedSince(lastModifiedMillis);
@@ -101,26 +101,28 @@ public class UrlConnectionFactory {
return urlConnection;
}
- public static URLConnection createConnection(URL url) throws IOException {
+ public static URLConnection createConnection(final URL url) throws IOException {
URLConnection urlConnection = null;
if (url.getProtocol().equals(HTTPS) || url.getProtocol().equals(HTTP)) {
urlConnection = createConnection(url, 0, SslConfigurationFactory.getSslConfiguration());
} else {
urlConnection = url.openConnection();
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ urlConnection.setUseCaches(false);
}
return urlConnection;
}
- private static boolean isXml(String type) {
+ private static boolean isXml(final String type) {
return type.equalsIgnoreCase("xml");
}
- private static boolean isJson(String type) {
+ private static boolean isJson(final String type) {
return type.equalsIgnoreCase("json") || type.equalsIgnoreCase("jsn");
}
- private static boolean isProperties(String type) {
+ private static boolean isProperties(final String type) {
return type.equalsIgnoreCase("properties");
}
}
diff --git a/log4j-core/src/test/java/org/apache/logging/log4j/core/selector/TestClassLoader.java b/log4j-core/src/test/java/org/apache/logging/log4j/core/selector/TestClassLoader.java
index 7a54182..49e63c2 100644
--- a/log4j-core/src/test/java/org/apache/logging/log4j/core/selector/TestClassLoader.java
+++ b/log4j-core/src/test/java/org/apache/logging/log4j/core/selector/TestClassLoader.java
@@ -54,9 +54,11 @@ public class TestClassLoader extends ClassLoader {
throw new ClassNotFoundException(name);
}
try {
- final URLConnection uc = resource.openConnection();
- final int len = uc.getContentLength();
- final InputStream in = new BufferedInputStream(uc.getInputStream());
+ final URLConnection urlConnection = resource.openConnection();
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ urlConnection.setUseCaches(false);
+ final int len = urlConnection.getContentLength();
+ final InputStream in = new BufferedInputStream(urlConnection.getInputStream());
final byte[] bytecode = new byte[len];
try {
IOUtils.readFully(in, bytecode);
diff --git a/log4j-spring-boot/src/main/java/org/apache/logging/log4j/spring/boot/Log4j2CloudConfigLoggingSystem.java b/log4j-spring-boot/src/main/java/org/apache/logging/log4j/spring/boot/Log4j2CloudConfigLoggingSystem.java
index 05f378c..e8b7cf0 100644
--- a/log4j-spring-boot/src/main/java/org/apache/logging/log4j/spring/boot/Log4j2CloudConfigLoggingSystem.java
+++ b/log4j-spring-boot/src/main/java/org/apache/logging/log4j/spring/boot/Log4j2CloudConfigLoggingSystem.java
@@ -185,6 +185,8 @@ public class Log4j2CloudConfigLoggingSystem extends Log4J2LoggingSystem {
private ConfigurationSource getConfigurationSource(URL url) throws IOException, URISyntaxException {
URLConnection urlConnection = url.openConnection();
+ // A "jar:" URL file remains open after the stream is closed, so do not cache it.
+ urlConnection.setUseCaches(false);
AuthorizationProvider provider = ConfigurationFactory.authorizationProvider(PropertiesUtil.getProperties());
provider.addAuthorization(urlConnection);
if (url.getProtocol().equals(HTTPS)) {
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index bb7fe32..903b214 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -33,6 +33,9 @@
<action issue="LOG4J2-3413" date="2022-02-26" type="fix" due-to="Piotr Karwasz">
Fix resolution of non-Log4j properties.
</action>
+ <action issue="LOG4J2-3423" type="fix" due-to="Radim Tlusty, Gary Gregory">
+ JAR file containing Log4j configuration isn't closed.
+ </action>
</release>
<release version="2.17.2" date="2022-02-23" description="GA Release 2.17.2">
<!-- FIXES -->