You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by co...@apache.org on 2008/08/30 05:11:32 UTC
svn commit: r690448 - in /tomcat/sandbox/tomcat-lite:
coyote-apr/org/apache/coyote/http11/ coyote-apr/org/apache/tomcat/jni/
coyote-apr/org/apache/tomcat/util/net/ coyote-nio/org/apache/coyote/http11/
coyote-nio/org/apache/tomcat/util/net/ coyote-nio/o...
Author: costin
Date: Fri Aug 29 20:11:31 2008
New Revision: 690448
URL: http://svn.apache.org/viewvc?rev=690448&view=rev
Log:
Merge from head.
Modified:
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProcessor.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProtocol.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprInputBuffer.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprOutputBuffer.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/Local.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/SSL.java
tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/util/net/AprEndpoint.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProcessor.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProtocol.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioInputBuffer.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioOutputBuffer.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioBlockingSelector.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioEndpoint.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioSelectorPool.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SSLImplementation.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/ServerSocketFactory.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SocketProperties.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSEFactory.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESupport.java
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProcessor.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProcessor.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProcessor.java Fri Aug 29 20:11:31 2008
@@ -442,6 +442,7 @@
*/
public void setCompressableMimeTypes(String compressableMimeTypes) {
if (compressableMimeTypes != null) {
+ this.compressableMimeTypes = null;
StringTokenizer st = new StringTokenizer(compressableMimeTypes, ",");
while (st.hasMoreTokens()) {
@@ -470,7 +471,7 @@
*/
protected void addFilter(String className) {
try {
- Class clazz = Class.forName(className);
+ Class<?> clazz = Class.forName(className);
Object obj = clazz.newInstance();
if (obj instanceof InputFilter) {
inputBuffer.addFilter((InputFilter) obj);
@@ -530,22 +531,6 @@
/**
- * General use method
- *
- * @param sArray the StringArray
- * @param value string
- */
- private boolean inStringArray(String sArray[], String value) {
- for (int i = 0; i < sArray.length; i++) {
- if (sArray[i].equals(value)) {
- return true;
- }
- }
- return false;
- }
-
-
- /**
* Checks if any entry in the string array starts with the specified value
*
* @param sArray the StringArray
@@ -1144,9 +1129,8 @@
}
// User key size
sslO = new Integer(SSLSocket.getInfoI(socket, SSL.SSL_INFO_CIPHER_USEKEYSIZE));
- if (sslO != null) {
- request.setAttribute(AprEndpoint.KEY_SIZE_KEY, sslO);
- }
+ request.setAttribute(AprEndpoint.KEY_SIZE_KEY, sslO);
+
// SSL session ID
sslO = SSLSocket.getInfoS(socket, SSL.SSL_INFO_SESSION_ID);
if (sslO != null) {
@@ -1205,6 +1189,10 @@
comet = true;
} else if (actionCode == ActionCode.ACTION_COMET_END) {
comet = false;
+ } else if (actionCode == ActionCode.ACTION_COMET_CLOSE) {
+ //no op
+ } else if (actionCode == ActionCode.ACTION_COMET_SETTIMEOUT) {
+ //no op
}
}
@@ -1470,7 +1458,7 @@
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.DEC[valueB[i + valueS]];
if (charValue == -1) {
// Invalid character
error = true;
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProtocol.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProtocol.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/Http11AprProtocol.java Fri Aug 29 20:11:31 2008
@@ -242,9 +242,15 @@
public void setPollerSize(int pollerSize) { endpoint.setPollerSize(pollerSize); }
public int getPollerSize() { return endpoint.getPollerSize(); }
+ public void setPollerThreadCount(int pollerThreadCount) { endpoint.setPollerThreadCount(pollerThreadCount); }
+ public int getPollerThreadCount() { return endpoint.getPollerThreadCount(); }
+
public int getSendfileSize() { return endpoint.getSendfileSize(); }
public void setSendfileSize(int sendfileSize) { endpoint.setSendfileSize(sendfileSize); }
+ public void setSendfileThreadCount(int sendfileThreadCount) { endpoint.setSendfileThreadCount(sendfileThreadCount); }
+ public int getSendfileThreadCount() { return endpoint.getSendfileThreadCount(); }
+
protected int socketBuffer = 9000;
public int getSocketBuffer() { return socketBuffer; }
public void setSocketBuffer(int socketBuffer) { this.socketBuffer = socketBuffer; }
@@ -646,7 +652,7 @@
try {
RequestInfo rp = processor.getRequest().getRequestProcessor();
rp.setGlobalProcessor(null);
- ObjectName rpName = rp.getRpName();
+ ObjectName rpName = (ObjectName) rp.getRpName();
if (log.isDebugEnabled()) {
log.debug("Unregister " + rpName);
}
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprInputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprInputBuffer.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprInputBuffer.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprInputBuffer.java Fri Aug 29 20:11:31 2008
@@ -403,7 +403,8 @@
throw new EOFException(sm.getString("iib.eof.error"));
}
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
request.method().setBytes(buf, start, pos - start);
}
@@ -412,6 +413,20 @@
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
// Mark the current buffer position
start = pos;
int end = 0;
@@ -421,7 +436,6 @@
// Reading the URI
//
- space = false;
boolean eol = false;
while (!space) {
@@ -432,7 +446,8 @@
throw new EOFException(sm.getString("iib.eof.error"));
}
- if (buf[pos] == Constants.SP) {
+ // Spec says single SP but it also says be tolerant of HT
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
end = pos;
} else if ((buf[pos] == Constants.CR)
@@ -459,6 +474,21 @@
request.requestURI().setBytes(buf, start, end - start);
}
+ // Spec says single SP but also says be tolerant of multiple and/or HT
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill())
+ throw new EOFException(sm.getString("iib.eof.error"));
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
+
// Mark the current buffer position
start = pos;
end = 0;
@@ -498,18 +528,19 @@
}
-
+
/**
* Parse the HTTP headers.
*/
public void parseHeaders()
- throws IOException {
+ throws IOException {
while (parseHeader()) {
}
parsingHeader = false;
end = pos;
+
}
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprOutputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprOutputBuffer.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprOutputBuffer.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/coyote/http11/InternalAprOutputBuffer.java Fri Aug 29 20:11:31 2008
@@ -421,11 +421,14 @@
buf[pos++] = Constants.SP;
// Write message
- String message = response.getMessage();
+ String message = null;
+ if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER) {
+ message = response.getMessage();
+ }
if (message == null) {
write(HttpMessages.getMessage(status));
} else {
- write(message);
+ write(message.replace('\n', ' ').replace('\r', ' '));
}
// End the response status line
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/Local.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/Local.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/Local.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/Local.java Fri Aug 29 20:11:31 2008
@@ -73,4 +73,12 @@
*/
public static native int connect(long sock, long sa);
+ /**
+ * Set SO_PASSCRED, to pass the unix credential ( UID ) to the
+ * other side. This is commonly used for authentication.
+ *
+ * @param sock
+ * @return status
+ */
+ public static native int soPassCred(long sock);
}
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/SSL.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/SSL.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/SSL.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/jni/SSL.java Fri Aug 29 20:11:31 2008
@@ -20,7 +20,7 @@
/** SSL
*
* @author Mladen Turk
- * @version $Revision: 637867 $, $Date: 2008-03-17 05:49:46 -0700 (Mon, 17 Mar 2008) $
+ * @version $Revision: 602114 $, $Date: 2007-12-07 07:00:01 -0800 (Fri, 07 Dec 2007) $
*/
public final class SSL {
Modified: tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/util/net/AprEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/util/net/AprEndpoint.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-apr/org/apache/tomcat/util/net/AprEndpoint.java Fri Aug 29 20:11:31 2008
@@ -599,7 +599,8 @@
long inetAddress = Address.info(addressStr, family,
port, 0, rootPool);
// Create the APR server socket
- serverSock = Socket.create(family, Socket.SOCK_STREAM,
+ serverSock = Socket.create(Address.getInfo(inetAddress).family,
+ Socket.SOCK_STREAM,
Socket.APR_PROTO_TCP, rootPool);
if (OS.IS_UNIX) {
Socket.optSet(serverSock, Socket.APR_SO_REUSEADDR, 1);
@@ -858,7 +859,7 @@
try {
// Need to create a connection to unlock the accept();
if (address == null) {
- s = new java.net.Socket(InetAddress.getByName("localhost").getHostAddress(), port);
+ s = new java.net.Socket("127.0.0.1", port);
} else {
s = new java.net.Socket(address, port);
// setting soLinger to a small value will help shutdown the
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProcessor.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProcessor.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProcessor.java Fri Aug 29 20:11:31 2008
@@ -89,7 +89,6 @@
this.endpoint = endpoint;
request = new Request();
- int readTimeout = endpoint.getSoTimeout();
inputBuffer = new InternalNioInputBuffer(request, maxHttpHeaderSize);
request.setInputBuffer(inputBuffer);
@@ -450,6 +449,7 @@
*/
public void setCompressableMimeTypes(String compressableMimeTypes) {
if (compressableMimeTypes != null) {
+ this.compressableMimeTypes = null;
StringTokenizer st = new StringTokenizer(compressableMimeTypes, ",");
while (st.hasMoreTokens()) {
@@ -478,7 +478,7 @@
*/
protected void addFilter(String className) {
try {
- Class clazz = Class.forName(className);
+ Class<?> clazz = Class.forName(className);
Object obj = clazz.newInstance();
if (obj instanceof InputFilter) {
inputBuffer.addFilter((InputFilter) obj);
@@ -538,22 +538,6 @@
/**
- * General use method
- *
- * @param sArray the StringArray
- * @param value string
- */
- private boolean inStringArray(String sArray[], String value) {
- for (int i = 0; i < sArray.length; i++) {
- if (sArray[i].equals(value)) {
- return true;
- }
- }
- return false;
- }
-
-
- /**
* Checks if any entry in the string array starts with the specified value
*
* @param sArray the StringArray
@@ -777,7 +761,8 @@
return SocketState.CLOSED;
} else if (!comet) {
recycle();
- return SocketState.OPEN;
+ //pay attention to the keep alive flag set in process()
+ return (keepAlive)?SocketState.OPEN:SocketState.CLOSED;
} else {
return SocketState.LONG;
}
@@ -810,8 +795,6 @@
int keepAliveLeft = maxKeepAliveRequests;
long soTimeout = endpoint.getSoTimeout();
- int limit = 0;
-
boolean keptAlive = false;
boolean openSocket = false;
boolean recycle = true;
@@ -839,7 +822,7 @@
}
request.setStartTime(System.currentTimeMillis());
if (!disableUploadTimeout) { //only for body, not for request headers
- socket.getIOChannel().socket().setSoTimeout((int)timeout);
+ socket.getIOChannel().socket().setSoTimeout(timeout);
}
} catch (IOException e) {
if (log.isDebugEnabled()) {
@@ -1219,6 +1202,21 @@
comet = true;
} else if (actionCode == ActionCode.ACTION_COMET_END) {
comet = false;
+ } else if (actionCode == ActionCode.ACTION_COMET_CLOSE) {
+ NioEndpoint.KeyAttachment attach = (NioEndpoint.KeyAttachment)socket.getAttachment(false);
+ attach.setCometOps(NioEndpoint.OP_CALLBACK);
+ //notify poller if not on a tomcat thread
+ RequestInfo rp = request.getRequestProcessor();
+ if ( rp.getStage() != org.apache.coyote.Constants.STAGE_SERVICE ) //async handling
+ socket.getPoller().cometInterest(socket);
+ } else if (actionCode == ActionCode.ACTION_COMET_SETTIMEOUT) {
+ if (param==null) return;
+ NioEndpoint.KeyAttachment attach = (NioEndpoint.KeyAttachment)socket.getAttachment(false);
+ long timeout = ((Long)param).longValue();
+ //if we are not piggy backing on a worker thread, set the timeout
+ RequestInfo rp = request.getRequestProcessor();
+ if ( rp.getStage() != org.apache.coyote.Constants.STAGE_SERVICE ) //async handling
+ attach.setTimeout(timeout);
}
}
@@ -1491,7 +1489,7 @@
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.DEC[valueB[i + valueS]];
if (charValue == -1) {
// Invalid character
error = true;
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProtocol.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProtocol.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/Http11NioProtocol.java Fri Aug 29 20:11:31 2008
@@ -39,7 +39,7 @@
import org.apache.tomcat.util.net.NioChannel;
import org.apache.tomcat.util.net.NioEndpoint;
import org.apache.tomcat.util.net.NioEndpoint.Handler;
-import org.apache.tomcat.util.net.SSLImplementation;
+import org.apache.tomcat.util.net.jsse.JSSEImplementation;
import org.apache.tomcat.util.net.SecureNioChannel;
import org.apache.tomcat.util.net.SocketStatus;
import org.apache.tomcat.util.res.StringManager;
@@ -56,7 +56,7 @@
*/
public class Http11NioProtocol implements ProtocolHandler, MBeanRegistration
{
- protected SSLImplementation sslImplementation = null;
+ protected JSSEImplementation sslImplementation = null;
public Http11NioProtocol() {
cHandler = new Http11ConnectionHandler( this );
@@ -81,6 +81,10 @@
attributes.put(name, value);
}
+ public NioEndpoint getEndpoint() {
+ return ep;
+ }
+
public Object getAttribute( String key ) {
if( log.isTraceEnabled())
log.trace(sm.getString("http11protocol.getattribute", key));
@@ -134,7 +138,7 @@
try {
ep.init();
- sslImplementation = SSLImplementation.getInstance("org.apache.tomcat.util.net.jsse.JSSEImplementation");
+ sslImplementation = new JSSEImplementation();
} catch (Exception ex) {
log.error(sm.getString("http11protocol.endpoint.initerror"), ex);
throw ex;
@@ -579,9 +583,6 @@
public boolean getSSLEnabled() { return ep.isSSLEnabled(); }
public void setSSLEnabled(boolean SSLEnabled) { ep.setSSLEnabled(SSLEnabled); }
- public NioEndpoint getEndpoint() {
- return ep;
- }
// -------------------- Connection handler --------------------
@@ -772,8 +773,8 @@
processor.setMaxKeepAliveRequests(proto.maxKeepAliveRequests);
processor.setTimeout(proto.timeout);
processor.setDisableUploadTimeout(proto.disableUploadTimeout);
- processor.setCompression(proto.compression);
processor.setCompressionMinSize(proto.compressionMinSize);
+ processor.setCompression(proto.compression);
processor.setNoCompressionUserAgents(proto.noCompressionUserAgents);
processor.setCompressableMimeTypes(proto.compressableMimeTypes);
processor.setRestrictedUserAgents(proto.restrictedUserAgents);
@@ -812,7 +813,7 @@
if (log.isDebugEnabled()) log.debug("Deregister ["+processor+"] count="+registerCount.get());
RequestInfo rp = processor.getRequest().getRequestProcessor();
rp.setGlobalProcessor(null);
- ObjectName rpName = rp.getRpName();
+ ObjectName rpName = (ObjectName) rp.getRpName();
Registry.getRegistry(null, null).unregisterComponent(rpName);
rp.setRpName(null);
} catch (Exception e) {
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioInputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioInputBuffer.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioInputBuffer.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioInputBuffer.java Fri Aug 29 20:11:31 2008
@@ -454,7 +454,7 @@
if (!fill(true, false)) //request line parsing
return false;
}
- if (buf[pos] == Constants.SP) {
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
request.method().setBytes(buf, parsingRequestLineStart, pos - parsingRequestLineStart);
}
@@ -464,20 +464,34 @@
parsingRequestLinePhase = 3;
}
if ( parsingRequestLinePhase == 3 ) {
+ // Spec says single SP but also be tolerant of multiple and/or HT
+ boolean space = true;
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill(true, false)) //request line parsing
+ return false;
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
// Mark the current buffer position
int end = 0;
//
// Reading the URI
//
- boolean space = false;
while (!space) {
// Read new bytes if needed
if (pos >= lastValid) {
if (!fill(true,false)) //request line parsing
return false;
}
- if (buf[pos] == Constants.SP) {
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
space = true;
end = pos;
} else if ((buf[pos] == Constants.CR)
@@ -504,6 +518,21 @@
parsingRequestLinePhase = 4;
}
if ( parsingRequestLinePhase == 4 ) {
+ // Spec says single SP but also be tolerant of multiple and/or HT
+ boolean space = true;
+ while (space) {
+ // Read new bytes if needed
+ if (pos >= lastValid) {
+ if (!fill(true, false)) //request line parsing
+ return false;
+ }
+ if (buf[pos] == Constants.SP || buf[pos] == Constants.HT) {
+ pos++;
+ } else {
+ space = false;
+ }
+ }
+
// Mark the current buffer position
end = 0;
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioOutputBuffer.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioOutputBuffer.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioOutputBuffer.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/coyote/http11/InternalNioOutputBuffer.java Fri Aug 29 20:11:31 2008
@@ -34,7 +34,6 @@
import org.apache.tomcat.util.net.NioEndpoint;
import org.apache.tomcat.util.net.NioSelectorPool;
import org.apache.tomcat.util.res.StringManager;
-import java.io.EOFException;
import org.apache.tomcat.util.MutableInteger;
/**
@@ -479,11 +478,14 @@
buf[pos++] = Constants.SP;
// Write message
- String message = response.getMessage();
+ String message = null;
+ if (org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER) {
+ message = response.getMessage();
+ }
if (message == null) {
write(HttpMessages.getMessage(status));
} else {
- write(message);
+ write(message.replace('\n', ' ').replace('\r', ' '));
}
// End the response status line
@@ -612,11 +614,21 @@
int total = 0;
private synchronized void addToBB(byte[] buf, int offset, int length) throws IOException {
- while (socket.getBufHandler().getWriteBuffer().remaining() < length) {
- flushBuffer();
+ while (length > 0) {
+ int thisTime = length;
+ if (socket.getBufHandler().getWriteBuffer().position() ==
+ socket.getBufHandler().getWriteBuffer().capacity()
+ || socket.getBufHandler().getWriteBuffer().remaining()==0) {
+ flushBuffer();
+ }
+ if (thisTime > socket.getBufHandler().getWriteBuffer().remaining()) {
+ thisTime = socket.getBufHandler().getWriteBuffer().remaining();
+ }
+ socket.getBufHandler().getWriteBuffer().put(buf, offset, thisTime);
+ length = length - thisTime;
+ offset = offset + thisTime;
+ total += thisTime;
}
- socket.getBufHandler().getWriteBuffer().put(buf, offset, length);
- total += length;
NioEndpoint.KeyAttachment ka = (NioEndpoint.KeyAttachment)socket.getAttachment(false);
if ( ka!= null ) ka.access();//prevent timeouts for just doing client writes
}
@@ -792,18 +804,7 @@
int len = chunk.getLength();
int start = chunk.getStart();
byte[] b = chunk.getBuffer();
- while (len > 0) {
- int thisTime = len;
- if (socket.getBufHandler().getWriteBuffer().position() == socket.getBufHandler().getWriteBuffer().capacity() ||socket.getBufHandler().getWriteBuffer().remaining()==0) {
- flushBuffer();
- }
- if (thisTime > socket.getBufHandler().getWriteBuffer().remaining()) {
- thisTime = socket.getBufHandler().getWriteBuffer().remaining();
- }
- addToBB(b,start,thisTime);
- len = len - thisTime;
- start = start + thisTime;
- }
+ addToBB(b, start, len);
return chunk.getLength();
}
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioBlockingSelector.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioBlockingSelector.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioBlockingSelector.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioBlockingSelector.java Fri Aug 29 20:11:31 2008
@@ -193,7 +193,7 @@
protected class BlockPoller extends Thread {
protected boolean run = true;
protected Selector selector = null;
- protected ConcurrentLinkedQueue events = new ConcurrentLinkedQueue();
+ protected ConcurrentLinkedQueue<Runnable> events = new ConcurrentLinkedQueue<Runnable>();
public void disable() { run = false; selector.wakeup();}
protected AtomicInteger wakeupCounter = new AtomicInteger(0);
public void cancelKey(final NioChannel socket, final SelectionKey key) {
@@ -231,6 +231,8 @@
try {
if (sk == null) {
sk = ch.register(selector, ops, key);
+ } else if (!sk.isValid()) {
+ cancel(sk,key,ops);
} else {
sk.interestOps(sk.interestOps() | ops);
}
@@ -259,10 +261,15 @@
if (SelectionKey.OP_WRITE==(ops&SelectionKey.OP_WRITE)) countDown(key.getWriteLatch());
if (SelectionKey.OP_READ==(ops&SelectionKey.OP_READ))countDown(key.getReadLatch());
} else {
- sk.interestOps(sk.interestOps() & (~ops));
- if (SelectionKey.OP_WRITE==(ops&SelectionKey.OP_WRITE)) countDown(key.getWriteLatch());
- if (SelectionKey.OP_READ==(ops&SelectionKey.OP_READ))countDown(key.getReadLatch());
- if (sk.interestOps()==0) {
+ if (sk.isValid()) {
+ sk.interestOps(sk.interestOps() & (~ops));
+ if (SelectionKey.OP_WRITE==(ops&SelectionKey.OP_WRITE)) countDown(key.getWriteLatch());
+ if (SelectionKey.OP_READ==(ops&SelectionKey.OP_READ))countDown(key.getReadLatch());
+ if (sk.interestOps()==0) {
+ sk.cancel();
+ sk.attach(null);
+ }
+ }else {
sk.cancel();
sk.attach(null);
}
@@ -284,7 +291,7 @@
boolean result = false;
Runnable r = null;
result = (events.size() > 0);
- while ( (r = (Runnable)events.poll()) != null ) {
+ while ( (r = events.poll()) != null ) {
r.run();
result = true;
}
@@ -320,12 +327,12 @@
continue;
}
- Iterator iterator = keyCount > 0 ? selector.selectedKeys().iterator() : null;
+ Iterator<SelectionKey> iterator = keyCount > 0 ? selector.selectedKeys().iterator() : null;
// Walk through the collection of ready keys and dispatch
// any active event.
while (run && iterator != null && iterator.hasNext()) {
- SelectionKey sk = (SelectionKey) iterator.next();
+ SelectionKey sk = iterator.next();
KeyAttachment attachment = (KeyAttachment)sk.attachment();
try {
attachment.access();
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioEndpoint.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioEndpoint.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioEndpoint.java Fri Aug 29 20:11:31 2008
@@ -813,6 +813,13 @@
workers = new WorkerStack(maxThreads);
}
+ // Start poller thread
+ poller = new Poller();
+ Thread pollerThread = new Thread(poller, getName() + "-ClientPoller");
+ pollerThread.setPriority(threadPriority);
+ pollerThread.setDaemon(true);
+ pollerThread.start();
+
// Start acceptor threads
for (int i = 0; i < acceptorThreadCount; i++) {
Thread acceptorThread = new Thread(new Acceptor(), getName() + "-Acceptor-" + i);
@@ -820,13 +827,6 @@
acceptorThread.setDaemon(daemon);
acceptorThread.start();
}
-
- // Start poller thread
- poller = new Poller();
- Thread pollerThread = new Thread(poller, getName() + "-ClientPoller");
- pollerThread.setPriority(threadPriority);
- pollerThread.setDaemon(true);
- pollerThread.start();
}
}
@@ -947,7 +947,7 @@
try {
// Need to create a connection to unlock the accept();
if (address == null) {
- s = new java.net.Socket(InetAddress.getByName("localhost").getHostAddress(), port);
+ s = new java.net.Socket("127.0.0.1", port);
} else {
s = new java.net.Socket(address, port);
// setting soLinger to a small value will help shutdown the
@@ -1383,7 +1383,7 @@
//synchronized (events) {
Runnable r = null;
result = (events.size() > 0);
- while ( (r = (Runnable)events.poll()) != null ) {
+ while ( (r = events.poll()) != null ) {
try {
r.run();
if ( r instanceof PollerEvent ) {
@@ -1497,11 +1497,12 @@
//either we timed out or we woke up, process events first
if ( keyCount == 0 ) hasEvents = (hasEvents | events());
- Iterator iterator = keyCount > 0 ? selector.selectedKeys().iterator() : null;
+ Iterator<SelectionKey> iterator =
+ keyCount > 0 ? selector.selectedKeys().iterator() : null;
// Walk through the collection of ready keys and dispatch
// any active event.
while (iterator != null && iterator.hasNext()) {
- SelectionKey sk = (SelectionKey) iterator.next();
+ SelectionKey sk = iterator.next();
KeyAttachment attachment = (KeyAttachment)sk.attachment();
attachment.access();
iterator.remove();
@@ -1607,10 +1608,11 @@
}
if ( sd.length <= 0 ) {
attachment.setSendfileData(null);
- if ( sd.keepAlive )
+ if ( sd.keepAlive ) {
if (reg) reg(sk,attachment,SelectionKey.OP_READ);
- else
+ } else {
cancelledKey(sk,SocketStatus.STOP,false);
+ }
} else if ( attachment.interestOps() == 0 && reg ) {
reg(sk,attachment,SelectionKey.OP_WRITE);
}
@@ -1634,6 +1636,7 @@
protected void reg(SelectionKey sk, KeyAttachment attachment, int intops) {
sk.interestOps(intops);
attachment.interestOps(intops);
+ attachment.setCometOps(intops);
}
protected void timeout(int keyCount, boolean hasEvents) {
@@ -1658,6 +1661,7 @@
} else if ( ka.getError() ) {
cancelledKey(key, SocketStatus.ERROR,true);
} else if (ka.getComet() && ka.getCometNotify() ) {
+ ka.setCometNotify(false);
reg(key,ka,0);//avoid multiple calls, this gets reregistered after invokation
//if (!processSocket(ka.getChannel(), SocketStatus.OPEN_CALLBACK)) processSocket(ka.getChannel(), SocketStatus.DISCONNECT);
if (!processSocket(ka.getChannel(), SocketStatus.OPEN)) processSocket(ka.getChannel(), SocketStatus.DISCONNECT);
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioSelectorPool.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioSelectorPool.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioSelectorPool.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/NioSelectorPool.java Fri Aug 29 20:11:31 2008
@@ -60,7 +60,8 @@
protected boolean enabled = true;
protected AtomicInteger active = new AtomicInteger(0);
protected AtomicInteger spare = new AtomicInteger(0);
- protected ConcurrentLinkedQueue<Selector> selectors = new ConcurrentLinkedQueue<Selector>();
+ protected ConcurrentLinkedQueue<Selector> selectors =
+ new ConcurrentLinkedQueue<Selector>();
protected Selector getSharedSelector() throws IOException {
if (SHARED && SHARED_SELECTOR == null) {
@@ -293,7 +294,7 @@
return sharedSelectorTimeout;
}
- public ConcurrentLinkedQueue getSelectors() {
+ public ConcurrentLinkedQueue<Selector> getSelectors() {
return selectors;
}
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SSLImplementation.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SSLImplementation.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SSLImplementation.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SSLImplementation.java Fri Aug 29 20:11:31 2008
@@ -18,7 +18,6 @@
package org.apache.tomcat.util.net;
import java.net.Socket;
-import javax.net.ssl.SSLSession;
/* SSLImplementation:
@@ -31,14 +30,11 @@
org.apache.juli.logging.LogFactory.getLog(SSLImplementation.class);
// The default implementations in our search path
- private static final String PureTLSImplementationClass=
- "org.apache.tomcat.util.net.puretls.PureTLSImplementation";
private static final String JSSEImplementationClass=
"org.apache.tomcat.util.net.jsse.JSSEImplementation";
private static final String[] implementations=
{
- PureTLSImplementationClass,
JSSEImplementationClass
};
@@ -71,7 +67,7 @@
if( JSSEImplementationClass.equals(className) ) {
return new org.apache.tomcat.util.net.jsse.JSSEImplementation();
}
- Class clazz=Class.forName(className);
+ Class<?> clazz=Class.forName(className);
return (SSLImplementation)clazz.newInstance();
} catch (Exception e){
if(logger.isDebugEnabled())
@@ -85,12 +81,4 @@
abstract public String getImplementationName();
abstract public ServerSocketFactory getServerSocketFactory();
abstract public SSLSupport getSSLSupport(Socket sock);
-
- /**
- * @deprecated This method has been deprecated since it adds a JSSE
- * dependency to this interface. It will be removed in versions
- * after 6.0.x.
- */
- @Deprecated
- abstract public SSLSupport getSSLSupport(SSLSession session);
}
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/ServerSocketFactory.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/ServerSocketFactory.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/ServerSocketFactory.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/ServerSocketFactory.java Fri Aug 29 20:11:31 2008
@@ -55,7 +55,8 @@
//
private static ServerSocketFactory theFactory;
- protected Hashtable attributes=new Hashtable();
+ protected Hashtable<String, Object> attributes =
+ new Hashtable<String, Object>();
/**
* Constructor is used only by subclasses.
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SocketProperties.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SocketProperties.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SocketProperties.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/SocketProperties.java Fri Aug 29 20:11:31 2008
@@ -1,370 +1,370 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.tomcat.util.net;
-
-import java.net.Socket;
-import java.net.SocketException;
-/**
- * Properties that can be set in the <Connector> element
- * in server.xml. All properties are prefixed with "socket."
- * and are currently only working for the Nio connector
- *
- * @author Filip Hanik
- */
-public class SocketProperties {
- /**
- * Enable/disable key cache, this bounded cache stores
- * KeyAttachment objects to reduce GC
- * Default is 500
- * -1 is unlimited
- * 0 is disabled
- */
- protected int keyCache = 500;
-
- /**
- * Enable/disable socket processor cache, this bounded cache stores
- * SocketProcessor objects to reduce GC
- * Default is 500
- * -1 is unlimited
- * 0 is disabled
- */
- protected int processorCache = 500;
-
-
-
- /**
- * Enable/disable poller event cache, this bounded cache stores
- * PollerEvent objects to reduce GC for the poller
- * Default is 500
- * -1 is unlimited
- * 0 is disabled
- * >0 the max number of objects to keep in cache.
- */
- protected int eventCache = 500;
-
-
- /**
- * Enable/disable direct buffers for the network buffers
- * Default value is enabled
- */
- protected boolean directBuffer = false;
- /**
- * Socket receive buffer size in bytes (SO_RCVBUF)
- * Default value is 25188
- */
- protected int rxBufSize = 25188;
- /**
- * Socket send buffer size in bytes (SO_SNDBUF)
- * Default value is 43800
- */
- protected int txBufSize = 43800;
-
- /**
- * The application read buffer size in bytes.
- * Default value is rxBufSize
- */
- protected int appReadBufSize = 8192;
-
- /**
- * The application write buffer size in bytes
- * Default value is txBufSize
- */
- protected int appWriteBufSize = 8192;
-
- /**
- * NioChannel pool size for the endpoint,
- * this value is how many channels
- * -1 means unlimited cached, 0 means no cache
- * Default value is 500
- */
- protected int bufferPool = 500;
-
-
- /**
- * Buffer pool size in bytes to be cached
- * -1 means unlimited, 0 means no cache
- * Default value is 100MB (1024*1024*100 bytes)
- */
- protected int bufferPoolSize = 1024*1024*100;
-
- /**
- * TCP_NO_DELAY option, default is true
- */
- protected boolean tcpNoDelay = true;
- /**
- * SO_KEEPALIVE option, default is false
- */
- protected boolean soKeepAlive = false;
- /**
- * OOBINLINE option, default is true
- */
- protected boolean ooBInline = true;
- /**
- * SO_REUSEADDR option, default is true
- */
- protected boolean soReuseAddress = true;
- /**
- * SO_LINGER option, default is true, paired with the <code>soLingerTime</code> value
- */
- protected boolean soLingerOn = true;
- /**
- * SO_LINGER option, default is 25 seconds.
- */
- protected int soLingerTime = 25;
- /**
- * SO_TIMEOUT option, default is 5000 milliseconds
- */
- protected int soTimeout = 5000;
- /**
- * Traffic class option, value between 0 and 255
- * IPTOS_LOWCOST (0x02)
- * IPTOS_RELIABILITY (0x04)
- * IPTOS_THROUGHPUT (0x08)
- * IPTOS_LOWDELAY (0x10)
- * Default value is 0x04 | 0x08 | 0x010
- */
- protected int soTrafficClass = 0x04 | 0x08 | 0x010;
- /**
- * Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
- * Default value is 1
- */
- protected int performanceConnectionTime = 1;
- /**
- * Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
- * Default value is 0
- */
- protected int performanceLatency = 0;
- /**
- * Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
- * Default value is 1
- */
- protected int performanceBandwidth = 1;
-
- /**
- * The minimum frequency of the timeout interval to avoid the
- * poller going boinkers during high traffic
- */
- protected long timeoutInterval = 1000;
-
-
- private Socket properties;
-
- public void setProperties(Socket socket) throws SocketException{
- socket.setReceiveBufferSize(rxBufSize);
- socket.setSendBufferSize(txBufSize);
- socket.setOOBInline(ooBInline);
- socket.setKeepAlive(soKeepAlive);
- socket.setPerformancePreferences(performanceConnectionTime,performanceLatency,performanceBandwidth);
- socket.setReuseAddress(soReuseAddress);
- socket.setSoLinger(soLingerOn,soLingerTime);
- socket.setSoTimeout(soTimeout);
- socket.setTcpNoDelay(tcpNoDelay);
- socket.setTrafficClass(soTrafficClass);
- }
-
- public boolean getDirectBuffer() {
- return directBuffer;
- }
-
- public boolean getOoBInline() {
- return ooBInline;
- }
-
- public int getPerformanceBandwidth() {
- return performanceBandwidth;
- }
-
- public int getPerformanceConnectionTime() {
- return performanceConnectionTime;
- }
-
- public int getPerformanceLatency() {
- return performanceLatency;
- }
-
- public int getRxBufSize() {
- return rxBufSize;
- }
-
- public boolean getSoKeepAlive() {
- return soKeepAlive;
- }
-
- public boolean getSoLingerOn() {
- return soLingerOn;
- }
-
- public int getSoLingerTime() {
- return soLingerTime;
- }
-
- public boolean getSoReuseAddress() {
- return soReuseAddress;
- }
-
- public int getSoTimeout() {
- return soTimeout;
- }
-
- public int getSoTrafficClass() {
- return soTrafficClass;
- }
-
- public boolean getTcpNoDelay() {
- return tcpNoDelay;
- }
-
- public int getTxBufSize() {
- return txBufSize;
- }
-
- public int getBufferPool() {
- return bufferPool;
- }
-
- public int getBufferPoolSize() {
- return bufferPoolSize;
- }
-
- public int getEventCache() {
- return eventCache;
- }
-
- public int getKeyCache() {
- return keyCache;
- }
-
- public Socket getProperties() {
- return properties;
- }
-
- public int getAppReadBufSize() {
- return appReadBufSize;
- }
-
- public int getAppWriteBufSize() {
- return appWriteBufSize;
- }
-
- public int getProcessorCache() {
- return processorCache;
- }
-
- public long getTimeoutInterval() {
- return timeoutInterval;
- }
-
- public int getDirectBufferPool() {
- return bufferPool;
- }
-
- public void setPerformanceConnectionTime(int performanceConnectionTime) {
- this.performanceConnectionTime = performanceConnectionTime;
- }
-
- public void setTxBufSize(int txBufSize) {
- this.txBufSize = txBufSize;
- }
-
- public void setTcpNoDelay(boolean tcpNoDelay) {
- this.tcpNoDelay = tcpNoDelay;
- }
-
- public void setSoTrafficClass(int soTrafficClass) {
- this.soTrafficClass = soTrafficClass;
- }
-
- public void setSoTimeout(int soTimeout) {
- this.soTimeout = soTimeout;
- }
-
- public void setSoReuseAddress(boolean soReuseAddress) {
- this.soReuseAddress = soReuseAddress;
- }
-
- public void setSoLingerTime(int soLingerTime) {
- this.soLingerTime = soLingerTime;
- }
-
- public void setSoKeepAlive(boolean soKeepAlive) {
- this.soKeepAlive = soKeepAlive;
- }
-
- public void setRxBufSize(int rxBufSize) {
- this.rxBufSize = rxBufSize;
- }
-
- public void setPerformanceLatency(int performanceLatency) {
- this.performanceLatency = performanceLatency;
- }
-
- public void setPerformanceBandwidth(int performanceBandwidth) {
- this.performanceBandwidth = performanceBandwidth;
- }
-
- public void setOoBInline(boolean ooBInline) {
- this.ooBInline = ooBInline;
- }
-
- public void setDirectBuffer(boolean directBuffer) {
- this.directBuffer = directBuffer;
- }
-
- public void setSoLingerOn(boolean soLingerOn) {
- this.soLingerOn = soLingerOn;
- }
-
- public void setBufferPool(int bufferPool) {
- this.bufferPool = bufferPool;
- }
-
- public void setBufferPoolSize(int bufferPoolSize) {
- this.bufferPoolSize = bufferPoolSize;
- }
-
- public void setEventCache(int eventCache) {
- this.eventCache = eventCache;
- }
-
- public void setKeyCache(int keyCache) {
- this.keyCache = keyCache;
- }
-
- public void setAppReadBufSize(int appReadBufSize) {
- this.appReadBufSize = appReadBufSize;
- }
-
- public void setAppWriteBufSize(int appWriteBufSize) {
- this.appWriteBufSize = appWriteBufSize;
- }
-
- public void setProcessorCache(int processorCache) {
- this.processorCache = processorCache;
- }
-
- public void setTimeoutInterval(long timeoutInterval) {
- this.timeoutInterval = timeoutInterval;
- }
-
- public void setDirectBufferPool(int directBufferPool) {
- this.bufferPool = directBufferPool;
- }
-
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.net;
+
+import java.net.Socket;
+import java.net.SocketException;
+/**
+ * Properties that can be set in the <Connector> element
+ * in server.xml. All properties are prefixed with "socket."
+ * and are currently only working for the Nio connector
+ *
+ * @author Filip Hanik
+ */
+public class SocketProperties {
+ /**
+ * Enable/disable key cache, this bounded cache stores
+ * KeyAttachment objects to reduce GC
+ * Default is 500
+ * -1 is unlimited
+ * 0 is disabled
+ */
+ protected int keyCache = 500;
+
+ /**
+ * Enable/disable socket processor cache, this bounded cache stores
+ * SocketProcessor objects to reduce GC
+ * Default is 500
+ * -1 is unlimited
+ * 0 is disabled
+ */
+ protected int processorCache = 500;
+
+
+
+ /**
+ * Enable/disable poller event cache, this bounded cache stores
+ * PollerEvent objects to reduce GC for the poller
+ * Default is 500
+ * -1 is unlimited
+ * 0 is disabled
+ * >0 the max number of objects to keep in cache.
+ */
+ protected int eventCache = 500;
+
+
+ /**
+ * Enable/disable direct buffers for the network buffers
+ * Default value is enabled
+ */
+ protected boolean directBuffer = false;
+ /**
+ * Socket receive buffer size in bytes (SO_RCVBUF)
+ * Default value is 25188
+ */
+ protected int rxBufSize = 25188;
+ /**
+ * Socket send buffer size in bytes (SO_SNDBUF)
+ * Default value is 43800
+ */
+ protected int txBufSize = 43800;
+
+ /**
+ * The application read buffer size in bytes.
+ * Default value is rxBufSize
+ */
+ protected int appReadBufSize = 8192;
+
+ /**
+ * The application write buffer size in bytes
+ * Default value is txBufSize
+ */
+ protected int appWriteBufSize = 8192;
+
+ /**
+ * NioChannel pool size for the endpoint,
+ * this value is how many channels
+ * -1 means unlimited cached, 0 means no cache
+ * Default value is 500
+ */
+ protected int bufferPool = 500;
+
+
+ /**
+ * Buffer pool size in bytes to be cached
+ * -1 means unlimited, 0 means no cache
+ * Default value is 100MB (1024*1024*100 bytes)
+ */
+ protected int bufferPoolSize = 1024*1024*100;
+
+ /**
+ * TCP_NO_DELAY option, default is true
+ */
+ protected boolean tcpNoDelay = true;
+ /**
+ * SO_KEEPALIVE option, default is false
+ */
+ protected boolean soKeepAlive = false;
+ /**
+ * OOBINLINE option, default is true
+ */
+ protected boolean ooBInline = true;
+ /**
+ * SO_REUSEADDR option, default is true
+ */
+ protected boolean soReuseAddress = true;
+ /**
+ * SO_LINGER option, default is true, paired with the <code>soLingerTime</code> value
+ */
+ protected boolean soLingerOn = true;
+ /**
+ * SO_LINGER option, default is 25 seconds.
+ */
+ protected int soLingerTime = 25;
+ /**
+ * SO_TIMEOUT option, default is 5000 milliseconds
+ */
+ protected int soTimeout = 5000;
+ /**
+ * Traffic class option, value between 0 and 255
+ * IPTOS_LOWCOST (0x02)
+ * IPTOS_RELIABILITY (0x04)
+ * IPTOS_THROUGHPUT (0x08)
+ * IPTOS_LOWDELAY (0x10)
+ * Default value is 0x04 | 0x08 | 0x010
+ */
+ protected int soTrafficClass = 0x04 | 0x08 | 0x010;
+ /**
+ * Performance preferences according to
+ * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * Default value is 1
+ */
+ protected int performanceConnectionTime = 1;
+ /**
+ * Performance preferences according to
+ * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * Default value is 0
+ */
+ protected int performanceLatency = 0;
+ /**
+ * Performance preferences according to
+ * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * Default value is 1
+ */
+ protected int performanceBandwidth = 1;
+
+ /**
+ * The minimum frequency of the timeout interval to avoid the
+ * poller going boinkers during high traffic
+ */
+ protected long timeoutInterval = 1000;
+
+
+ private Socket properties;
+
+ public void setProperties(Socket socket) throws SocketException{
+ socket.setReceiveBufferSize(rxBufSize);
+ socket.setSendBufferSize(txBufSize);
+ socket.setOOBInline(ooBInline);
+ socket.setKeepAlive(soKeepAlive);
+ socket.setPerformancePreferences(performanceConnectionTime,performanceLatency,performanceBandwidth);
+ socket.setReuseAddress(soReuseAddress);
+ socket.setSoLinger(soLingerOn,soLingerTime);
+ socket.setSoTimeout(soTimeout);
+ socket.setTcpNoDelay(tcpNoDelay);
+ socket.setTrafficClass(soTrafficClass);
+ }
+
+ public boolean getDirectBuffer() {
+ return directBuffer;
+ }
+
+ public boolean getOoBInline() {
+ return ooBInline;
+ }
+
+ public int getPerformanceBandwidth() {
+ return performanceBandwidth;
+ }
+
+ public int getPerformanceConnectionTime() {
+ return performanceConnectionTime;
+ }
+
+ public int getPerformanceLatency() {
+ return performanceLatency;
+ }
+
+ public int getRxBufSize() {
+ return rxBufSize;
+ }
+
+ public boolean getSoKeepAlive() {
+ return soKeepAlive;
+ }
+
+ public boolean getSoLingerOn() {
+ return soLingerOn;
+ }
+
+ public int getSoLingerTime() {
+ return soLingerTime;
+ }
+
+ public boolean getSoReuseAddress() {
+ return soReuseAddress;
+ }
+
+ public int getSoTimeout() {
+ return soTimeout;
+ }
+
+ public int getSoTrafficClass() {
+ return soTrafficClass;
+ }
+
+ public boolean getTcpNoDelay() {
+ return tcpNoDelay;
+ }
+
+ public int getTxBufSize() {
+ return txBufSize;
+ }
+
+ public int getBufferPool() {
+ return bufferPool;
+ }
+
+ public int getBufferPoolSize() {
+ return bufferPoolSize;
+ }
+
+ public int getEventCache() {
+ return eventCache;
+ }
+
+ public int getKeyCache() {
+ return keyCache;
+ }
+
+ public Socket getProperties() {
+ return properties;
+ }
+
+ public int getAppReadBufSize() {
+ return appReadBufSize;
+ }
+
+ public int getAppWriteBufSize() {
+ return appWriteBufSize;
+ }
+
+ public int getProcessorCache() {
+ return processorCache;
+ }
+
+ public long getTimeoutInterval() {
+ return timeoutInterval;
+ }
+
+ public int getDirectBufferPool() {
+ return bufferPool;
+ }
+
+ public void setPerformanceConnectionTime(int performanceConnectionTime) {
+ this.performanceConnectionTime = performanceConnectionTime;
+ }
+
+ public void setTxBufSize(int txBufSize) {
+ this.txBufSize = txBufSize;
+ }
+
+ public void setTcpNoDelay(boolean tcpNoDelay) {
+ this.tcpNoDelay = tcpNoDelay;
+ }
+
+ public void setSoTrafficClass(int soTrafficClass) {
+ this.soTrafficClass = soTrafficClass;
+ }
+
+ public void setSoTimeout(int soTimeout) {
+ this.soTimeout = soTimeout;
+ }
+
+ public void setSoReuseAddress(boolean soReuseAddress) {
+ this.soReuseAddress = soReuseAddress;
+ }
+
+ public void setSoLingerTime(int soLingerTime) {
+ this.soLingerTime = soLingerTime;
+ }
+
+ public void setSoKeepAlive(boolean soKeepAlive) {
+ this.soKeepAlive = soKeepAlive;
+ }
+
+ public void setRxBufSize(int rxBufSize) {
+ this.rxBufSize = rxBufSize;
+ }
+
+ public void setPerformanceLatency(int performanceLatency) {
+ this.performanceLatency = performanceLatency;
+ }
+
+ public void setPerformanceBandwidth(int performanceBandwidth) {
+ this.performanceBandwidth = performanceBandwidth;
+ }
+
+ public void setOoBInline(boolean ooBInline) {
+ this.ooBInline = ooBInline;
+ }
+
+ public void setDirectBuffer(boolean directBuffer) {
+ this.directBuffer = directBuffer;
+ }
+
+ public void setSoLingerOn(boolean soLingerOn) {
+ this.soLingerOn = soLingerOn;
+ }
+
+ public void setBufferPool(int bufferPool) {
+ this.bufferPool = bufferPool;
+ }
+
+ public void setBufferPoolSize(int bufferPoolSize) {
+ this.bufferPoolSize = bufferPoolSize;
+ }
+
+ public void setEventCache(int eventCache) {
+ this.eventCache = eventCache;
+ }
+
+ public void setKeyCache(int keyCache) {
+ this.keyCache = keyCache;
+ }
+
+ public void setAppReadBufSize(int appReadBufSize) {
+ this.appReadBufSize = appReadBufSize;
+ }
+
+ public void setAppWriteBufSize(int appWriteBufSize) {
+ this.appWriteBufSize = appWriteBufSize;
+ }
+
+ public void setProcessorCache(int processorCache) {
+ this.processorCache = processorCache;
+ }
+
+ public void setTimeoutInterval(long timeoutInterval) {
+ this.timeoutInterval = timeoutInterval;
+ }
+
+ public void setDirectBufferPool(int directBufferPool) {
+ this.bufferPool = directBufferPool;
+ }
+
}
\ No newline at end of file
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSEFactory.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSEFactory.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSEFactory.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSEFactory.java Fri Aug 29 20:11:31 2008
@@ -53,4 +53,4 @@
return new JSSESupport(session);
}
-};
+}
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Fri Aug 29 20:11:31 2008
@@ -171,13 +171,14 @@
String[] enabledCiphers = null;
if (requestedCiphers != null) {
- Vector vec = null;
+ Vector<String> vec = null;
String cipher = requestedCiphers;
int index = requestedCiphers.indexOf(',');
if (index != -1) {
int fromIndex = 0;
while (index != -1) {
- cipher = requestedCiphers.substring(fromIndex, index).trim();
+ cipher =
+ requestedCiphers.substring(fromIndex, index).trim();
if (cipher.length() > 0) {
/*
* Check to see if the requested cipher is among the
@@ -187,7 +188,7 @@
&& i<supportedCiphers.length; i++) {
if (supportedCiphers[i].equals(cipher)) {
if (vec == null) {
- vec = new Vector();
+ vec = new Vector<String>();
}
vec.addElement(cipher);
break;
@@ -211,7 +212,7 @@
&& i<supportedCiphers.length; i++) {
if (supportedCiphers[i].equals(cipher)) {
if (vec == null) {
- vec = new Vector();
+ vec = new Vector<String>();
}
vec.addElement(cipher);
break;
@@ -249,39 +250,43 @@
/*
* Gets the SSL server's keystore.
*/
- protected KeyStore getKeystore(String type, String pass)
+ protected KeyStore getKeystore(String type, String provider, String pass)
throws IOException {
String keystoreFile = (String)attributes.get("keystore");
if (keystoreFile == null)
keystoreFile = defaultKeystoreFile;
- return getStore(type, keystoreFile, pass);
+ return getStore(type, provider, keystoreFile, pass);
}
/*
* Gets the SSL server's truststore.
*/
- protected KeyStore getTrustStore(String keystoreType) throws IOException {
+ protected KeyStore getTrustStore(String keystoreType,
+ String keystoreProvider) throws IOException {
KeyStore trustStore = null;
- String trustStoreFile = (String)attributes.get("truststoreFile");
- if(trustStoreFile == null) {
- trustStoreFile = System.getProperty("javax.net.ssl.trustStore");
+ String truststoreFile = (String)attributes.get("truststoreFile");
+ if(truststoreFile == null) {
+ truststoreFile = System.getProperty("javax.net.ssl.trustStore");
}
if(log.isDebugEnabled()) {
- log.debug("Truststore = " + trustStoreFile);
+ log.debug("Truststore = " + truststoreFile);
}
- String trustStorePassword = (String)attributes.get("truststorePass");
- if( trustStorePassword == null) {
- trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
+
+ String truststorePassword = (String)attributes.get("truststorePass");
+ if( truststorePassword == null) {
+ truststorePassword =
+ System.getProperty("javax.net.ssl.trustStorePassword");
}
- if( trustStorePassword == null ) {
- trustStorePassword = getKeystorePassword();
+ if( truststorePassword == null ) {
+ truststorePassword = getKeystorePassword();
}
if(log.isDebugEnabled()) {
- log.debug("TrustPass = " + trustStorePassword);
+ log.debug("TrustPass = " + truststorePassword);
}
+
String truststoreType = (String)attributes.get("truststoreType");
if( truststoreType == null) {
truststoreType = System.getProperty("javax.net.ssl.trustStoreType");
@@ -292,9 +297,23 @@
if(log.isDebugEnabled()) {
log.debug("trustType = " + truststoreType);
}
- if (trustStoreFile != null && trustStorePassword != null){
- trustStore = getStore(truststoreType, trustStoreFile,
- trustStorePassword);
+
+ String truststoreProvider =
+ (String)attributes.get("truststoreProvider");
+ if( truststoreProvider == null) {
+ truststoreProvider =
+ System.getProperty("javax.net.ssl.trustStoreProvider");
+ }
+ if (truststoreProvider == null) {
+ truststoreProvider = keystoreProvider;
+ }
+ if(log.isDebugEnabled()) {
+ log.debug("trustProvider = " + truststoreProvider);
+ }
+
+ if (truststoreFile != null && truststorePassword != null){
+ trustStore = getStore(truststoreType, truststoreProvider,
+ truststoreFile, truststorePassword);
}
return trustStore;
@@ -303,14 +322,19 @@
/*
* Gets the key- or truststore with the specified type, path, and password.
*/
- private KeyStore getStore(String type, String path, String pass)
- throws IOException {
+ private KeyStore getStore(String type, String provider, String path,
+ String pass) throws IOException {
KeyStore ks = null;
InputStream istream = null;
try {
- ks = KeyStore.getInstance(type);
- if(! "PKCS11".equalsIgnoreCase(type) ) {
+ if (provider == null) {
+ ks = KeyStore.getInstance(type);
+ } else {
+ ks = KeyStore.getInstance(type, provider);
+ }
+ if(!("PKCS11".equalsIgnoreCase(type) ||
+ "".equalsIgnoreCase(path))) {
File keyStoreFile = new File(path);
if (!keyStoreFile.isAbsolute()) {
keyStoreFile = new File(System.getProperty("catalina.base"),
@@ -321,13 +345,18 @@
ks.load(istream, pass.toCharArray());
} catch (FileNotFoundException fnfe) {
+ log.error(sm.getString("jsse.keystore_load_failed", type, path,
+ fnfe.getMessage()), fnfe);
throw fnfe;
} catch (IOException ioe) {
+ log.error(sm.getString("jsse.keystore_load_failed", type, path,
+ ioe.getMessage()), ioe);
throw ioe;
} catch(Exception ex) {
- log.error("Exception trying to load keystore " +path,ex);
- throw new IOException("Exception trying to load keystore " +
- path + ": " + ex.getMessage() );
+ String msg = sm.getString("jsse.keystore_load_failed", type, path,
+ ex.getMessage());
+ log.error(msg, ex);
+ throw new IOException(msg);
} finally {
if (istream != null) {
try {
@@ -364,7 +393,7 @@
// Certificate encoding algorithm (e.g., SunX509)
String algorithm = (String) attributes.get("algorithm");
if (algorithm == null) {
- algorithm = KeyManagerFactory.getDefaultAlgorithm();;
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
}
String keystoreType = (String) attributes.get("keystoreType");
@@ -372,15 +401,22 @@
keystoreType = defaultKeystoreType;
}
- String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");
- if( trustAlgorithm == null ) {
- trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
- }
+ String keystoreProvider =
+ (String) attributes.get("keystoreProvider");
+
+ String trustAlgorithm =
+ (String)attributes.get("truststoreAlgorithm");
+ if( trustAlgorithm == null ) {
+ trustAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
+ }
+
// Create and init SSLContext
SSLContext context = SSLContext.getInstance(protocol);
- context.init(getKeyManagers(keystoreType, algorithm,
- (String) attributes.get("keyAlias")),
- getTrustManagers(keystoreType, trustAlgorithm),
+ context.init(getKeyManagers(keystoreType, keystoreProvider,
+ algorithm,
+ (String) attributes.get("keyAlias")),
+ getTrustManagers(keystoreType, keystoreProvider,
+ trustAlgorithm),
new SecureRandom());
// create proxy
@@ -388,8 +424,12 @@
// Determine which cipher suites to enable
String requestedCiphers = (String)attributes.get("ciphers");
- enabledCiphers = getEnabledCiphers(requestedCiphers,
- sslProxy.getSupportedCipherSuites());
+ enabledCiphers =
+ getEnabledCiphers(requestedCiphers,
+ sslProxy.getSupportedCipherSuites());
+
+ // Check the SSL config is OK
+ checkConfig();
} catch(Exception e) {
if( e instanceof IOException )
@@ -402,6 +442,7 @@
* Gets the initialized key managers.
*/
protected KeyManager[] getKeyManagers(String keystoreType,
+ String keystoreProvider,
String algorithm,
String keyAlias)
throws Exception {
@@ -410,9 +451,10 @@
String keystorePass = getKeystorePassword();
- KeyStore ks = getKeystore(keystoreType, keystorePass);
+ KeyStore ks = getKeystore(keystoreType, keystoreProvider, keystorePass);
if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {
- throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));
+ throw new IOException(
+ sm.getString("jsse.alias_no_key_entry", keyAlias));
}
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
@@ -434,26 +476,27 @@
/**
* Gets the intialized trust managers.
*/
- protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)
+ protected TrustManager[] getTrustManagers(String keystoreType,
+ String keystoreProvider, String algorithm)
throws Exception {
String crlf = (String) attributes.get("crlFile");
TrustManager[] tms = null;
- String truststoreType = (String) attributes.get("truststoreType");
- if (truststoreType == null) {
- truststoreType = keystoreType;
- }
- KeyStore trustStore = getTrustStore(truststoreType);
+ KeyStore trustStore = getTrustStore(keystoreType, keystoreProvider);
if (trustStore != null) {
if (crlf == null) {
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
+ TrustManagerFactory tmf =
+ TrustManagerFactory.getInstance(algorithm);
tmf.init(trustStore);
tms = tmf.getTrustManagers();
} else {
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
- CertPathParameters params = getParameters(algorithm, crlf, trustStore);
- ManagerFactoryParameters mfp = new CertPathTrustManagerParameters(params);
+ TrustManagerFactory tmf =
+ TrustManagerFactory.getInstance(algorithm);
+ CertPathParameters params =
+ getParameters(algorithm, crlf, trustStore);
+ ManagerFactoryParameters mfp =
+ new CertPathTrustManagerParameters(params);
tmf.init(mfp);
tms = tmf.getTrustManagers();
}
@@ -477,9 +520,9 @@
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
- PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore,
- new X509CertSelector());
- Collection crls = getCRLs(crlf);
+ PKIXBuilderParameters xparams =
+ new PKIXBuilderParameters(trustStore, new X509CertSelector());
+ Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
@@ -540,7 +583,8 @@
* @param socket the SSLServerSocket.
* @param protocols the protocols to use.
*/
- protected void setEnabledProtocols(SSLServerSocket socket, String []protocols){
+ protected void setEnabledProtocols(SSLServerSocket socket,
+ String []protocols){
if (protocols != null) {
socket.setEnabledProtocols(protocols);
}
@@ -563,13 +607,14 @@
String[] enabledProtocols = null;
if (requestedProtocols != null) {
- Vector vec = null;
+ Vector<String> vec = null;
String protocol = requestedProtocols;
int index = requestedProtocols.indexOf(',');
if (index != -1) {
int fromIndex = 0;
while (index != -1) {
- protocol = requestedProtocols.substring(fromIndex, index).trim();
+ protocol =
+ requestedProtocols.substring(fromIndex, index).trim();
if (protocol.length() > 0) {
/*
* Check to see if the requested protocol is among the
@@ -579,7 +624,7 @@
&& i<supportedProtocols.length; i++) {
if (supportedProtocols[i].equals(protocol)) {
if (vec == null) {
- vec = new Vector();
+ vec = new Vector<String>();
}
vec.addElement(protocol);
break;
@@ -603,7 +648,7 @@
&& i<supportedProtocols.length; i++) {
if (supportedProtocols[i].equals(protocol)) {
if (vec == null) {
- vec = new Vector();
+ vec = new Vector<String>();
}
vec.addElement(protocol);
break;
@@ -667,4 +712,46 @@
configureClientAuth(socket);
}
+ /**
+ * Checks that the certificate is compatible with the enabled cipher suites.
+ * If we don't check now, the JIoEndpoint can enter a nasty logging loop.
+ * See bug 45528.
+ */
+ private void checkConfig() throws IOException {
+ // Create an unbound server socket
+ ServerSocket socket = sslProxy.createServerSocket();
+ initServerSocket(socket);
+
+ try {
+ // Set the timeout to 1ms as all we care about is if it throws an
+ // SSLException on accept.
+ socket.setSoTimeout(1);
+
+ socket.accept();
+ // Will never get here - no client can connect to an unbound port
+ } catch (SSLException ssle) {
+ // SSL configuration is invalid. Possibly cert doesn't match ciphers
+ IOException ioe = new IOException(sm.getString(
+ "jsse.invalid_ssl_conf", ssle.getMessage()));
+ ioe.initCause(ssle);
+ throw ioe;
+ } catch (Exception e) {
+ /*
+ * Possible ways of getting here
+ * socket.accept() throws a SecurityException
+ * socket.setSoTimeout() throws a SocketException
+ * socket.accept() throws some other exception (after a JDK change)
+ * In these cases the test won't work so carry on - essentially
+ * the behaviour before this patch
+ * socket.accept() throws a SocketTimeoutException
+ * In this case all is well so carry on
+ */
+ } finally {
+ // Should be open here but just in case
+ if (!socket.isClosed()) {
+ socket.close();
+ }
+ }
+
+ }
}
Modified: tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESupport.java
URL: http://svn.apache.org/viewvc/tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESupport.java?rev=690448&r1=690447&r2=690448&view=diff
==============================================================================
--- tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESupport.java (original)
+++ tomcat/sandbox/tomcat-lite/coyote-nio/org/apache/tomcat/util/net/jsse/JSSESupport.java Fri Aug 29 20:11:31 2008
@@ -125,19 +125,19 @@
return null;
// Convert JSSE's certificate format to the ones we need
- X509Certificate [] jsseCerts = null;
- try {
- jsseCerts = session.getPeerCertificateChain();
- } catch(Exception bex) {
- // ignore.
- }
- if (jsseCerts == null)
- jsseCerts = new X509Certificate[0];
- if(jsseCerts.length <= 0 && force) {
- session.invalidate();
- handShake();
- session = ssl.getSession();
- }
+ X509Certificate [] jsseCerts = null;
+ try {
+ jsseCerts = session.getPeerCertificateChain();
+ } catch(Exception bex) {
+ // ignore.
+ }
+ if (jsseCerts == null)
+ jsseCerts = new X509Certificate[0];
+ if(jsseCerts.length <= 0 && force) {
+ session.invalidate();
+ handShake();
+ session = ssl.getSession();
+ }
return getX509Certificates(session);
}
@@ -159,7 +159,7 @@
if(log.isTraceEnabled())
log.trace("Reading for try #" +i);
try {
- int x = in.read(b);
+ in.read(b);
} catch(SSLException sslex) {
log.info("SSL Error getting client Certs",sslex);
throw sslex;
@@ -213,7 +213,7 @@
return null;
StringBuffer buf=new StringBuffer("");
for(int x=0; x<ssl_session.length; x++) {
- String digit=Integer.toHexString((int)ssl_session[x]);
+ String digit=Integer.toHexString(ssl_session[x]);
if (digit.length()<2) buf.append('0');
if (digit.length()>2) digit=digit.substring(digit.length()-2);
buf.append(digit);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org