[SCM] tomcat6 packaging branch, upstream, updated. upstream/6.0.35-1-gf77df25
tony mancill
tmancill at debian.org
Sat Dec 8 04:38:48 UTC 2012
The following commit has been merged in the upstream branch:
commit f77df25808d00682aa4fda2c53ad024e20df3772
Author: tony mancill <tmancill at debian.org>
Date: Sun Dec 2 15:12:58 2012 -0800
Imported Upstream version 6.0.36
diff --git a/BUILDING.txt b/BUILDING.txt
index cecd715..f2e76de 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -15,7 +15,7 @@
limitations under the License.
================================================================================
-$Id: BUILDING.txt 1202262 2011-11-15 15:54:27Z kkolinko $
+$Id: BUILDING.txt 1371985 2012-08-11 18:19:13Z kkolinko $
====================================================
Building The Apache Tomcat 6.0 Servlet/JSP Container
@@ -37,9 +37,31 @@ source distribution, do the following:
* If the JDK is already installed, skip to (1).
-* Download a Java Development Kit (JDK) release (version 1.5.x or later) from:
+* Download a Java Development Kit (JDK) of Java SE version 5 from
- http://java.sun.com/j2se/
+ http://www.oracle.com/technetwork/java/javase/downloads/index.html
+ or from another JDK vendor.
+
+ Note regarding versions of Java later than Java SE 5:
+
+ As documented elsewhere, one of components in Apache Tomcat includes
+ a private copy of the Apache Commons DBCP library. The source code
+ for this library is downloaded, processed by the build script
+ (renaming the packages) and compiled.
+
+ Due to changes in JDBC interfaces implemented by the library between
+ versions of Java SE specification, the library has to target specific
+ version of Java and can be compiled only with the JDK version
+ implementing this version of specification.
+
+ See Apache Commons DBCP project web site for more details on
+ available versions of the library and its requirements,
+
+ http://commons.apache.org/dbcp/
+
+ It is possible to use later versions of JDK to build Tomcat 6.0, but the
+ building of that component (tomcat-dbcp.jar) will be skipped and a
+ warning will be printed.
* Install the JDK according to the instructions included with the release.
diff --git a/NOTICE b/NOTICE
index c44c35d..aaa19b6 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,5 +1,5 @@
Apache Tomcat
-Copyright 1999-2011 The Apache Software Foundation
+Copyright 1999-2012 The Apache Software Foundation
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index fe7305e..449b0fd 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -15,7 +15,7 @@
limitations under the License.
================================================================================
-$Id: RELEASE-NOTES 1178679 2011-10-04 04:25:20Z kkolinko $
+$Id: RELEASE-NOTES 1392285 2012-10-01 11:32:00Z kkolinko $
Apache Tomcat Version @VERSION@
@@ -185,6 +185,20 @@ Viewing the Tomcat Change Log:
See changelog.html in this directory.
+============================================
+Multi-byte charset handling bug in Java 1.5:
+============================================
+Public versions of Sun/Oracle Java 1.5 are known to have a nasty bug in
+implementation of Charset.decode() method for certain character sets.
+
+For details, test and a list of affected character sets see:
+
+http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6196991
+https://issues.apache.org/bugzilla/show_bug.cgi?id=52579
+
+The UTF-8 charset is not affected by this issue.
+
+
=============================
Cryptographic software notice
=============================
diff --git a/RUNNING.txt b/RUNNING.txt
index 4951c66..7237b0b 100644
--- a/RUNNING.txt
+++ b/RUNNING.txt
@@ -15,81 +15,196 @@
limitations under the License.
================================================================================
-$Id: RUNNING.txt 896899 2010-01-07 15:05:58Z kkolinko $
+$Id: RUNNING.txt 1348600 2012-06-10 14:11:54Z kkolinko $
===================================================
Running The Apache Tomcat 6.0 Servlet/JSP Container
===================================================
-Apache Tomcat 6.0 requires the Java 2 Standard Edition Runtime
+Apache Tomcat @VERSION_MAJOR_MINOR@ requires a Java Standard Edition Runtime
Environment (JRE) version 5.0 or later.
=============================
Running With JRE 5.0 Or Later
=============================
-(1) Download and Install the J2SE Runtime Environment (JRE)
+(1) Download and Install a Java SE Runtime Environment (JRE)
-(1.1) Download the Java 2 Standard Edition Runtime Environment (JRE),
- release version 5.0 or later, from http://java.sun.com/j2se.
+(1.1) Download a Java SE Runtime Environment (JRE),
+ release version 5.0 or later, from
+ http://www.oracle.com/technetwork/java/javase/downloads/index.html
(1.2) Install the JRE according to the instructions included with the
release.
-(1.3) Set an environment variable named JRE_HOME to the pathname of
- the directory into which you installed the JRE, e.g. c:\jre5.0
- or /usr/local/java/jre5.0.
-NOTE: You may also use the full JDK rather than just the JRE. In this
- case set your JAVA_HOME environment variable to the pathname of
- the directory into which you installed the JDK, e.g. c:\j2sdk5.0
- or /usr/local/java/j2sdk5.0.
+ You may also use a full Java Development Kit (JDK) rather than just
+ a JRE.
-(2) Download and Install the Tomcat Binary Distribution
-
-NOTE: As an alternative to downloading a binary distribution, you can create
-your own from the Tomcat source repository, as described in "BUILDING.txt".
-If you do this, the value to use for "${catalina.home}" will be the "dist"
-subdirectory of your source distribution.
+(2) Download and Install Apache Tomcat
(2.1) Download a binary distribution of Tomcat from:
- http://tomcat.apache.org
+ http://tomcat.apache.org/
+
+(2.2) Unpack the binary distribution so that it resides in its own
+ directory (conventionally named "apache-tomcat-[version]").
+
+ For the purposes of the remainder of this document, the name
+ "CATALINA_HOME" is used to refer to the full pathname of that
+ directory.
+
+NOTE: As an alternative to downloading a binary distribution, you can
+create your own from the Tomcat source code, as described in
+"BUILDING.txt". You can either
+
+ a) Do the full "release" build and find the created distribution in the
+ "output/release" directory and then proceed with unpacking as above, or
+
+ b) Do a simple build and use the "output/build" directory as
+ "CATALINA_HOME". Be warned that there are some differences between the
+ contents of the "output/build" directory and a full "release"
+ distribution.
+
+
+(3) Configure Environment Variables
+
+Tomcat is a Java application and does not use environment variables. The
+variables are used by the Tomcat startup scripts. The scripts use the variables
+to prepare the command that starts Tomcat.
+
+(3.1) Set CATALINA_HOME (required) and CATALINA_BASE (optional)
+
+The CATALINA_HOME and CATALINA_BASE environment variables are used to
+specify the location of Apache Tomcat and the location of its active
+configuration, respectively.
+
+The CATALINA_HOME environment variable should be set as defined in (2.2)
+above. The Tomcat startup scripts have some logic to set this variable
+automatically if it is absent (based on the location of the script in
+Unixes and on the current directory in Windows), but this logic might not work
+in all circumstances.
+
+The CATALINA_BASE environment variable is optional and is further described
+in the "Multiple Tomcat Instances" section below. If it is absent, it defaults
+to be equal to CATALINA_HOME.
+
+
+(3.2) Set JRE_HOME or JAVA_HOME (required)
+
+The JRE_HOME variable is used to specify location of a JRE that is used to
+start Tomcat.
+
+The JAVA_HOME variable is used to specify location of a JDK. It is used instead
+of JRE_HOME.
+
+Using JAVA_HOME provides access to certain additional startup options that
+are not allowed when JRE_HOME is used.
+
+If both JRE_HOME and JAVA_HOME are specified, JRE_HOME is used.
+
+
+(3.3) Other variables (optional)
+
+Other environment variables exist, besides the four described above.
+See the comments at the top of catalina.bat or catalina.sh scripts for
+the list and a description of each of them.
+
+One frequently used variable is CATALINA_OPTS. It allows specification of
+additional options for the java command that starts Tomcat.
+
+See the Java documentation for the options that affect the Java Runtime
+Environment.
+
+See the "System Properties" page in the Tomcat Configuration Reference for
+the system properties that are specific to Tomcat.
+
+A similar variable is JAVA_OPTS. It is used less frequently. It allows
+specification of options that are used both to start and to stop Tomcat as well
+as for other commands.
+
+Do not use JAVA_OPTS to specify memory limits. You do not need much memory
+for a small process that is used to stop Tomcat. Those settings belong to
+CATALINA_OPTS.
+
+Another frequently used variable is CATALINA_PID (on *nix platforms only). It
+specifies the location of the file where process id of the forked Tomcat java
+process will be written. This setting is optional. It will enable the
+following features:
+
+ - better protection against duplicate start attempts and
+ - allows forceful termination of Tomcat process when it does not react to
+ the standard shutdown command.
-(2.2) Unpack the binary distribution into a convenient location so that the
- distribution resides in its own directory (conventionally named
- "apache-tomcat-[version]"). For the purposes of the remainder of this document,
- the symbolic name "$CATALINA_HOME" is used to refer to the full
- pathname of the release directory.
+(3.4) setenv script (optional)
-(3) Start Up Tomcat
+Apart from CATALINA_HOME and CATALINA_BASE, all environment variables can
+be specified in the "setenv" script.
-(3.1) Tomcat can be started by executing the following commands:
+The script is named setenv.bat (Windows) or setenv.sh (*nix). It can be
+placed either into CATALINA_BASE/bin or into CATALINA_HOME/bin. The file
+has to be readable.
- $CATALINA_HOME\bin\startup.bat (Windows)
+By default the setenv script file is absent. If the setenv script is
+present both in CATALINA_BASE and in CATALINA_HOME, the one in
+CATALINA_BASE is used.
+
+For example, to configure the JRE_HOME and CATALINA_PID variables you can
+create the following script file:
+
+On Windows, %CATALINA_BASE%\bin\setenv.bat:
+
+ set "JRE_HOME=%ProgramFiles%\Java\jre6"
+ exit /b 0
+
+On Unix, $CATALINA_BASE/bin/setenv.sh:
+
+ JRE_HOME=/usr/java/latest
+ CATALINA_PID="$CATALINA_BASE/tomcat.pid"
+
+You cannot configure CATALINA_HOME and CATALINA_BASE variables in the
+setenv script, because they are used to find that file.
+
+
+(4) Start Up Tomcat
+
+(4.1) Tomcat can be started by executing one of the following commands:
+
+ %CATALINA_HOME%\bin\startup.bat (Windows)
$CATALINA_HOME/bin/startup.sh (Unix)
-(3.2) After startup, the default web applications included with Tomcat will be
+ or
+
+ %CATALINA_HOME%\bin\catalina.bat start (Windows)
+
+ $CATALINA_HOME/bin/catalina.sh start (Unix)
+
+(4.2) After startup, the default web applications included with Tomcat will be
available by visiting:
http://localhost:8080/
-(3.3) Further information about configuring and running Tomcat can be found in
+(4.3) Further information about configuring and running Tomcat can be found in
the documentation included here, as well as on the Tomcat web site:
- http://tomcat.apache.org
+ http://tomcat.apache.org/
-(4) Shut Down Tomcat
+(5) Shut Down Tomcat
-(4.1) Tomcat can be shut down by executing the following command:
+(5.1) Tomcat can be shut down by executing one of the following commands:
- $CATALINA_HOME\bin\shutdown (Windows)
+ %CATALINA_HOME%\bin\shutdown.bat (Windows)
$CATALINA_HOME/bin/shutdown.sh (Unix)
+ or
+
+ %CATALINA_HOME%\bin\catalina.bat stop (Windows)
+
+ $CATALINA_HOME/bin/catalina.sh stop (Unix)
==================================================
Advanced Configuration - Multiple Tomcat Instances
@@ -97,40 +212,96 @@ Advanced Configuration - Multiple Tomcat Instances
In many circumstances, it is desirable to have a single copy of a Tomcat
binary distribution shared among multiple users on the same server. To make
-this possible, you can set the $CATALINA_BASE environment variable to the
+this possible, you can set the CATALINA_BASE environment variable to the
directory that contains the files for your 'personal' Tomcat instance.
-When you use $CATALINA_BASE, Tomcat will calculate all relative references for
-files in the following directories based on the value of $CATALINA_BASE instead
-of $CATALINA_HOME:
+When running with a separate CATALINA_HOME and CATALINA_BASE, the files
+and directories are split as following:
+
+In CATALINA_BASE:
+
+ * bin - Only the following files:
+
+ * setenv.sh (*nix) or setenv.bat (Windows),
+ * tomcat-juli.jar
+
+ The setenv scripts were described above. The tomcat-juli library
+ is documented in the Logging chapter in the User Guide.
+
+ * conf - Server configuration files (including server.xml)
+
+ * lib - Libraries and classes, as explained below
+
+ * logs - Log and output files
+
+ * webapps - Automatically loaded web applications
+
+ * work - Temporary working directories for web applications
+
+ * temp - Directory used by the JVM for temporary files (java.io.tmpdir)
+
+
+In CATALINA_HOME:
+
+ * bin - Startup and shutdown scripts
+
+ The following files will be used only if they are absent in
+ CATALINA_BASE/bin:
-* bin - Only setenv.sh (*nix), setenv.bat (windows) and tomcat-juli.jar
+ setenv.sh (*nix), setenv.bat (Windows), tomcat-juli.jar
-* conf - Server configuration files (including server.xml)
+ * lib - Libraries and classes, as explained below
-* logs - Log and output files
+ * endorsed - Libraries that override standard "Endorsed Standards"
+ libraries provided by JRE. See Classloading documentation
+ in the User Guide for details.
-* webapps - Automatically loaded web applications
+ By default this "endorsed" directory is absent.
-* work - Temporary working directories for web applications
+In the default configuration the JAR libraries and classes both in
+CATALINA_BASE/lib and in CATALINA_HOME/lib will be added to the common
+classpath, but the ones in CATALINA_BASE will be added first and thus will
+be searched first.
-* temp - Directory used by the JVM for temporary files (java.io.tmpdir)
+The idea is that you may leave the standard Tomcat libraries in
+CATALINA_HOME/lib and add other ones such as database drivers into
+CATALINA_BASE/lib.
-Note that by default Tomcat will first try to load classes and JARs from
-$CATALINA_BASE/lib and then $CATALINA_HOME/lib. You can place instance specific
-JARs and classes (e.g. JDBC drivers) in $CATALINA_BASE/lib whilst keeping the
-standard Tomcat JARs in $CATALINA_HOME/lib.
+In general it is advised to never share libraries between web applications,
+but put them into WEB-INF/lib directories inside the applications. See
+Classloading documentation in the User Guide for details.
-If you do not set $CATALINA_BASE, $CATALINA_BASE will default to the same value
-as $CATALINA_HOME, which means that the same directory is used for all relative
-path resolutions.
+
+It might be useful to note that the values of CATALINA_HOME and
+CATALINA_BASE can be referenced in the XML configuration files processed
+by Tomcat as ${catalina.home} and ${catalina.base} respectively.
+
+For example, the standard manager web application can be kept in
+CATALINA_HOME/webapps/manager and loaded into CATALINA_BASE by using
+the following trick:
+
+ * Copy the CATALINA_HOME/webapps/manager/META-INF/context.xml
+ file as CATALINA_BASE/conf/Catalina/localhost/manager.xml
+
+ * Add docBase attribute as shown below.
+
+The file will look like the following:
+
+ <?xml version="1.0" encoding="UTF-8"?>
+ <Context docBase="${catalina.home}/webapps/manager"
+ antiResourceLocking="false" privileged="true" useHttpOnly="true" >
+ </Context>
+
+See Deployer chapter in User Guide and Context and Host chapters in the
+Configuration Reference for more information on contexts and web
+application deployment.
================
Troubleshooting
================
-There are only really 3 things likely to go wrong during the stand-alone
+There are only really 2 things likely to go wrong during the stand-alone
Tomcat install:
(1) The most common hiccup is when another web server (or any process for that
@@ -143,24 +314,141 @@ Tomcat install:
greater than 1024, as ports less than or equal to 1024 require superuser
access to bind under UNIX.
- Restart Tomcat and you're in business. Be sure that you replace the "8080"
- in the URL you're using to access Tomcat. For example, if you change the
- port to 1977, you would request the URL http://localhost:1977/ in your browser.
-
-(2) An "out of environment space" error when running the batch files in
- Windows 95, 98, or ME operating systems.
+ Restart Tomcat and you're in business. Be sure that you replace the "8080"
+ in the URL you're using to access Tomcat. For example, if you change the
+ port to 1977, you would request the URL http://localhost:1977/ in your
+ browser.
- Right-click on the STARTUP.BAT and SHUTDOWN.BAT files. Click on
- "Properties", then on the "Memory" tab. For the "Initial environment" field,
- enter in something like 4096.
-
- After you click apply, Windows will create shortcuts which you can use
- to start and stop the container.
-
-(3) The 'localhost' machine isn't found. This could happen if you're behind a
+(2) The 'localhost' machine isn't found. This could happen if you're behind a
proxy. If that's the case, make sure the proxy configuration for your
browser knows that you shouldn't be going through the proxy to access the
"localhost".
- In Netscape, this is under Edit/Preferences -> Advanced/Proxies, and in
- Internet Explorer, Tools -> Internet Options -> Connections -> LAN Settings.
+ In Firefox, this is under Tools/Preferences -> Advanced/Network ->
+ Connection -> Settings..., and in Internet Explorer it is Tools ->
+ Internet Options -> Connections -> LAN Settings.
+
+
+====================
+Optional Components
+====================
+
+The following optional components may be included with the Apache Tomcat binary
+distribution. If they are not included, you can install them separately.
+
+ 1. Apache Tomcat Native library
+
+ 2. Apache Commons Daemon service launcher
+
+Both of them are implemented in C language and as such have to be compiled
+into binary code. The binary code will be specific for a platform and CPU
+architecture and it must match the Java Runtime Environment executables
+that will be used to launch Tomcat.
+
+The Windows-specific binary distributions of Apache Tomcat include binary
+files for these components. On other platforms you would have to look for
+binary versions elsewhere or compile them yourself.
+
+If you are new to Tomcat, do not bother with these components to start with.
+If you do use them, do not forget to read their documentation.
+
+
+Apache Tomcat Native library
+-----------------------------
+
+It is a library that allows to use the "Apr" variant of HTTP and AJP
+protocol connectors in Apache Tomcat. It is built around OpenSSL and Apache
+Portable Runtime (APR) libraries. Those are the same libraries as used by
+Apache HTTPD Server project.
+
+This feature was especially important in the old days when Java performance
+was poor. It is less important nowadays, but it is still used and respected
+by many. See Tomcat documentation for more details.
+
+For further reading:
+
+ - Apache Tomcat documentation
+
+ * Documentation for APR/Native library in the Tomcat User's Guide
+
+ http://tomcat.apache.org/tomcat-@VERSION_MAJOR_MINOR@-doc/apr.html
+
+ * Documentation for the HTTP and AJP protocol connectors in the Tomcat
+ Configuration Reference
+
+ http://tomcat.apache.org/tomcat-@VERSION_MAJOR_MINOR@-doc/config/http.html
+
+ http://tomcat.apache.org/tomcat-@VERSION_MAJOR_MINOR@-doc/config/ajp.html
+
+ - Apache Tomcat Native project home
+
+ http://tomcat.apache.org/native-doc/
+
+ - Other projects
+
+ * OpenSSL
+
+ http://openssl.org/
+
+ * Apache Portable Runtime
+
+ http://apr.apache.org/
+
+ * Apache HTTP Server
+
+ http://httpd.apache.org/
+
+To disable Apache Tomcat Native library:
+
+ - To disable Apache Tomcat Native library when it is installed, or
+ - To remove the warning that is logged during Tomcat startup when the
+ library is not installed:
+
+ Edit the "conf/server.xml" file and remove "AprLifecycleListener" from
+ it.
+
+The binary file of Apache Tomcat Native library is usually named
+
+ - "tcnative-1.dll" on Windows
+ - "libtcnative-1.so" on *nix systems
+
+
+Apache Commons Daemon
+----------------------
+
+Apache Commons Daemon project provides wrappers that can be used to
+install Apache Tomcat as a service on Windows or as a daemon on *nix
+systems.
+
+The Windows-specific implementation of Apache Commons Daemon is called
+"procrun". The *nix-specific one is called "jsvc".
+
+For further reading:
+
+ - Apache Commons Daemon project
+
+ http://commons.apache.org/daemon/
+
+ - Apache Tomcat documentation
+
+ * Installing Apache Tomcat
+
+ http://tomcat.apache.org/tomcat-@VERSION_MAJOR_MINOR@-doc/setup.html
+
+ * Windows service HOW-TO
+
+ http://tomcat.apache.org/tomcat-@VERSION_MAJOR_MINOR@-doc/windows-service-howto.html
+
+The binary files of Apache Commons Daemon in Apache Tomcat distributions
+for Windows are named:
+
+ - "tomcat at VERSION_MAJOR@.exe"
+ - "tomcat at VERSION_MAJOR@w.exe"
+
+These files are renamed copies of "prunsrv.exe" and "prunmgr.exe" from
+Apache Commons Daemon distribution. The file names have a meaning: they are
+used as the service name to register the service in Windows, as well as the
+key name to store distinct configuration for this installation of
+"procrun". If you would like to install several instances of Tomcat @VERSION_MAJOR_MINOR@
+in parallel, you have to further rename those files, using the same naming
+scheme.
diff --git a/STATUS.txt b/STATUS.txt
index bbb0b01..a781cc0 100644
--- a/STATUS.txt
+++ b/STATUS.txt
@@ -15,7 +15,7 @@
limitations under the License.
================================================================================
-$Id: STATUS.txt 1206324 2011-11-25 21:11:35Z kkolinko $
+$Id: STATUS.txt 1398256 2012-10-15 12:06:28Z kkolinko $
=================================
Apache Tomcat 6.0 Patch Proposals
@@ -31,112 +31,41 @@ PATCHES ACCEPTED TO BACKPORT:
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
-* Fix the maven stuff for the maven repo.
- Before it does't find tomcat-juli.jar and the remoteRepository seems broken .
- http://people.apache.org/~jfclere/patches/maven.patch.100711
- +1: jfclere
- -1: fhanik - easier to pass in the root path (lib/bin) to the macro instead of hacking around it
- if we remove the SCP auto feature, then there should be something to replace it with
- (http://ant.apache.org/manual/OptionalTasks/scp.html)
- +1: kkolinko: +1 for the updated patch (maven.patch.100711)
- I still think that it is not so good to remove the old code of <remoteRepository/>,
- because it ignores ${maven.repo.url} parameter provided by deploy-snapshot,
- deploy-staging and deploy-release targets. Maybe leave old code as a comment
- and fix it later if needed? I think that actually nobody besides the release manager
- uses this, so I am letting this pass.
-
-* Add StuckThreadDetectionValve
- https://github.com/sylvainlaurent/tomcat60/commit/252334f958877221ecb2dc64ee0fd12bb77e360b
- +1: slaurent
- +1: kkolinko: several comments are below
- -1:
- kkolinko: To view/download this as a patch file you add ".diff" to the URL above. That is:
- https://github.com/sylvainlaurent/tomcat60/commit/252334f958877221ecb2dc64ee0fd12bb77e360b.diff
-
- kkolinko: Minor glitches:
- - In mbeans-descriptors.xml:
- - There are no properties "asyncSupported", "stateName" in TC6 version of this valve.
- - In valve.xml:
- - s/tomcat log/Tomcat log/ (or Apache Tomcat log)
- - In StuckThreadDetectionValve.java:
- - private classes CompletedStuckThread, MonitoredThread: make them static (r1175897)
- - Use Long.valueOf() and explicit boxing/unboxing (r1138132, r1175897)
- - getStuckThreadIds() returns a list of ids. It might be useful to
- have a similar method that returns Thread.getName() names.
-
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50570
- Apply FIPS mode patch from TC7:
- http://svn.apache.org/viewvc?rev=1199985&view=rev
- http://svn.apache.org/viewvc?rev=1200004&view=rev
- http://svn.apache.org/viewvc?rev=1200448&view=rev
- +1: schultz, jfclere
- -1: kkolinko: It needs to include more preceding and followup
- changes. Updated patch proposed below.
-
-* Backport AprLifecycleListener improvements from TC7
- This includes:
- - Use consistent external synchronization object for private
- initialization methods. Turn initialization flags to false after APR
- has been terminated. That is, to terminate it only once.
- (rev. 946671 + several after it)
- - Use ExceptionUtils.handleThrowable() for fatal errors
- (rev. 1001904)
- - Do not allow to change SSL options if SSL engine has already been
- initialised.
- (rev. 1199985 + several after it)
- - Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50570
- Enable FIPS mode to be set in AprLifecycleListener.
- Based upon a patch from Chris Beckey.
- (rev. 1199985 + several after it)
- kkolinko: I tested only that it does not break things with the current
- released tcnative version 1.1.22 that does not have FIPS mode support.
- http://people.apache.org/~kkolinko/patches/2011-11-12_tc6_AprLifecycleListener.patch
- +1: kkolinko
- -1:
-
-* Fix autodeployment of applications that have configuration errors.
- If autodeployment fails, create DeployedApplication object and register
- what we deployed (xml or war or dir - a single file) as redeployResource.
- If it is updated the application will be redeployed.
- + ContainerBase patch adds display of failed apps in manager. They can be
- listed and undeployed.
- http://people.apache.org/~kkolinko/patches/2011-11-14_tc6_HostConfig.patch
- http://people.apache.org/~kkolinko/patches/2011-11-14_tc6_ContainerBase.patch
- +1: kkolinko
- -1:
-
-* Add denyStatus attribute to RequestFilterValve
- (RemoteAddrValve, RemoteHostValve valves). It allows to use different
- HTTP response code when rejecting denied request. E.g. 404 instead of 403.
- http://people.apache.org/~kkolinko/patches/2011-11-16_tc6_RequestFilterValve_denyStatus.patch
- (r1202565 in trunk, r1202570 in TC7)
- +1: kkolinko
- -1:
+* Backport UserDataHelper class (issue 52184)
+ Provide greater control over the logging of errors triggered by invalid
+ input data (i.e. data over which Tomcat has no control).
-* Reduce overhead from exception handling in UDecoder
- http://people.apache.org/~kkolinko/patches/2011-11-17_tc6_UDecoder.patch
- (r1203054 in TC7)
- +1: kkolinko
- -1:
+ Note: cookies logging (o.a.t.util.http.Cookies) does not need to be
+ addressed in Tomcat 6, because all logging in that class here is done at
+ debug level.
-* Align %2f handling between implementations of UDecoder.convert()
- http://svn.apache.org/viewvc?rev=1203091&view=rev
+ http://people.apache.org/~kkolinko/patches/2012-03-26_tc6_UserDataHelper.patch
+ (includes a new file, copied from trunk:
+ svn cp ../../trunk/java/org/apache/tomcat/util/log/UserDataHelper.java at 1242371 java/org/apache/tomcat/util/log/UserDataHelper.java
+ )
+1: kkolinko
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52225
- Fix ClassCastException in Alias added for existing host via JMX
- http://svn.apache.org/viewvc?rev=1204856&view=rev
- (without tests; it is r1204860 in TC7)
- +1: kkolinko
+* For https://issues.apache.org/bugzilla/show_bug.cgi?id=52055
+ Ensure that filters are recycled.
+ Inspired by r1334790 (TC7), r565964 (TC6 Nio)
+ I do not have evidence that this change matters, but it should not hurt.
+ The nextRequest() method already recycles the filters. If it has been called,
+ then lastActiveFilter is -1 and the new code will be NOOP.
+ http://people.apache.org/~kkolinko/patches/2012-06-02_tc6_recycle.patch
+ +1: kkolinko, schultz
-1:
-* Do not throw IllegalArgumentException from parseParameters() call when
- chunked POST request is too large, but treat it like an IO error.
- http://svn.apache.org/viewvc?rev=1206200&view=rev
- (without tests; it is r1206205 in TC7)
- +1: kkolinko
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53481
+ Add support for SSLHonorCipherOrder
+ http://svn.apache.org/viewvc?view=revision&revision=1371298
+ http://svn.apache.org/viewvc?view=revision&revision=1371302 (rolls-back inadvertent addition of TOMCAT-NEXT.txt)
+ http://svn.apache.org/viewvc?view=revision&revision=1371620 (tab -> spaces)
+ +1: schultz, kkolinko, jfclere
-1:
+ -- Note that a bug has been found in the feature to backport which
+ requires an update to tcnative:
+ https://issues.apache.org/bugzilla/show_bug.cgi?id=53969
PATCHES/ISSUES THAT ARE STALLED
@@ -157,3 +86,20 @@ PATCHES/ISSUES THAT ARE STALLED
markt - r1172614 needs to be included in this proposal. With that patch,
my testing shows that the unloading works as designed
-1:
+
+* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52918
+ Add WebSocket support to Tomcat 6
+ +1: fhanik
+ -0: jfclere
+ -0: kkolinko:
+ - Interesting, but I do not think there is much interest in it.
+ If one needs this feature I would suggest to upgrade to Tomcat 7.
+ If one cannot upgrade to Tomcat 7 then they probably cannot
+ upgrade to a later Tomcat 6 either.
+ - The protocol specification still evolves. I think it is too risky
+ to implement websockets for Tomcat 6.
+ - Formally, the proposal does not have a link to the patch.
+ - The patch in Bugzilla does not include latest changes from Tomcat 7. E.g.
+ http://svn.apache.org/viewvc?view=revision&revision=1380841
+ (Is one supposed to just copy the current version of websocket
+ package from Tomcat 7 here?)
diff --git a/build.properties.default b/build.properties.default
index ac8f356..f8e3d8d 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -21,16 +21,16 @@
# modules that Tomcat depends on. Copy this file to "build.properties"
# in the top-level source directory, and customize it as needed.
#
-# $Id: build.properties.default 1207052 2011-11-28 10:12:53Z jfclere $
+# $Id: build.properties.default 1398688 2012-10-16 07:54:48Z jfclere $
# -----------------------------------------------------------------------------
# ----- Version Control Flags -----
version.major=6
version.minor=0
-version.build=35
+version.build=36
version.patch=0
version.suffix=-dev
-version=6.0.35
+version=6.0.36
# ----- Default Base Path for Dependent Packages -----
# Please note this path must be absolute, not relative,
@@ -108,8 +108,8 @@ wsdl4j-lib.jar=${wsdl4j-lib.home}/wsdl4j-${wsdl4j-lib.version}.jar
# - noTldJars in o.a.j.compiler.TldLocationsCache
# - res/maven/jasper.pom
# - eclipse.classpath
-jdt.version=3.7
-jdt.release=R-3.7-201106131736
+jdt.version=3.7.2
+jdt.release=R-3.7.2-201202080800
jdt.home=${base.path}/ecj-${jdt.version}
jdt.jar=${jdt.home}/ecj-${jdt.version}.jar
# The download will be moved to the archive area eventually. We are taking care of that in advance.
@@ -118,16 +118,13 @@ jdt.loc.1=http://archive.eclipse.org/eclipse/downloads/drops/${jdt.release}/ecj-
jdt.loc.2=http://download.eclipse.org/eclipse/downloads/drops/${jdt.release}/ecj-${jdt.version}.jar
# ----- Tomcat native library -----
-tomcat-native.version=1.1.22
+tomcat-native.version=1.1.23
tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
tomcat-native.loc.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
-tomcat-native.dll.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries
-tomcat-native.dll.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries
-tomcat-native.dll.win32=${tomcat-native.home}/tcnative-1.dll.x86
-tomcat-native.dll.x64=${tomcat-native.home}/tcnative-1.dll.x64
-tomcat-native.dll.i64=${tomcat-native.home}/tcnative-1.dll.i64
+tomcat-native.win.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-win32-bin.zip
+tomcat-native.win.2=${base-tomcat.loc.2}/tomcat-connectors/native/${tomcat-native.version}/binaries/tomcat-native-${tomcat-native.version}-win32-bin.zip
# ----- Commons DBCP, version 1.1 or later -----
commons-dbcp.version=1.3
@@ -136,7 +133,7 @@ commons-dbcp-src.loc.1=${base-commons.loc.1}/dbcp/source/commons-dbcp-${commons-
commons-dbcp-src.loc.2=${base-commons.loc.2}/dbcp/source/commons-dbcp-${commons-dbcp.version}-src.tar.gz
# ----- Commons Pool, version 1.1 or later -----
-commons-pool.version=1.5.6
+commons-pool.version=1.5.7
commons-pool.home=${base.path}/commons-pool-${commons-pool.version}-src
commons-pool-src.loc.1=${base-commons.loc.1}/pool/source/commons-pool-${commons-pool.version}-src.tar.gz
commons-pool-src.loc.2=${base-commons.loc.2}/pool/source/commons-pool-${commons-pool.version}-src.tar.gz
@@ -150,7 +147,7 @@ nsis.nsisdl.dll=${nsis.home}/Plugins/NSISdl.dll
nsis.loc=${base-sf.loc}/nsis/nsis-2.46.zip
# ----- Commons Daemon, version 1.0-Alpha or later -----
-commons-daemon.version=1.0.7
+commons-daemon.version=1.0.10
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
commons-daemon.native.win.home=${commons-daemon.home}/windows
diff --git a/build.xml b/build.xml
index 84749f1..ae9f60e 100644
--- a/build.xml
+++ b/build.xml
@@ -784,24 +784,10 @@
<param name="destdir" value="${tomcat-native.home}"/>
</antcall>
- <antcall target="downloadfile-2">
- <param name="sourcefile.1" value="${tomcat-native.dll.1}/win32/tcnative-1.dll"/>
- <param name="sourcefile.2" value="${tomcat-native.dll.2}/win32/tcnative-1.dll"/>
- <param name="destfile" value="${tomcat-native.dll.win32}"/>
- <param name="destdir" value="${tomcat-native.home}"/>
- </antcall>
-
- <antcall target="downloadfile-2">
- <param name="sourcefile.1" value="${tomcat-native.dll.1}/win64/x64/tcnative-1.dll"/>
- <param name="sourcefile.2" value="${tomcat-native.dll.2}/win64/x64/tcnative-1.dll"/>
- <param name="destfile" value="${tomcat-native.dll.x64}"/>
- <param name="destdir" value="${tomcat-native.home}"/>
- </antcall>
-
- <antcall target="downloadfile-2">
- <param name="sourcefile.1" value="${tomcat-native.dll.1}/win64/ia64/tcnative-1.dll"/>
- <param name="sourcefile.2" value="${tomcat-native.dll.2}/win64/ia64/tcnative-1.dll"/>
- <param name="destfile" value="${tomcat-native.dll.i64}"/>
+ <antcall target="downloadzip-2">
+ <param name="sourcefile.1" value="${tomcat-native.win.1}"/>
+ <param name="sourcefile.2" value="${tomcat-native.win.2}"/>
+ <param name="destfile" value="${tomcat-native.home}/LICENSE"/>
<param name="destdir" value="${tomcat-native.home}"/>
</antcall>
diff --git a/conf/web.xml b/conf/web.xml
index b5620e3..165bc7c 100644
--- a/conf/web.xml
+++ b/conf/web.xml
@@ -284,7 +284,7 @@
<!-- isVirtualWebappRelative -->
<!-- Should "virtual" paths be interpreted as -->
<!-- relative to the context root, instead of -->
- <!-- the server root? (0=false, 1=true) [0] -->
+ <!-- the server root? [false] -->
<!-- -->
<!-- inputEncoding The encoding to assume for SSI resources if -->
<!-- one is not available from the resource. -->
@@ -315,7 +315,7 @@
</init-param>
<init-param>
<param-name>isVirtualWebappRelative</param-name>
- <param-value>0</param-value>
+ <param-value>false</param-value>
</init-param>
<load-on-startup>4</load-on-startup>
</servlet>
@@ -421,6 +421,21 @@
<!-- ================== Built In Filter Definitions ===================== -->
+
+ <!-- A filter that sets character encoding that is used to decode -->
+ <!-- parameters in a POST request -->
+<!--
+ <filter>
+ <filter-name>setCharacterEncodingFilter</filter-name>
+ <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
+ <init-param>
+ <param-name>encoding</param-name>
+ <param-value>UTF-8</param-value>
+ </init-param>
+ </filter>
+-->
+
+
<!-- A filter that triggers request parameters parsing and rejects the -->
<!-- request if some parameters were skipped because of parsing errors or -->
<!-- request size limitations. -->
@@ -462,7 +477,7 @@
<!-- isVirtualWebappRelative -->
<!-- Should "virtual" paths be interpreted as -->
<!-- relative to the context root, instead of -->
- <!-- the server root? (0=false, 1=true) [0] -->
+ <!-- the server root? [false] -->
<!-- -->
<!-- allowExec Is use of the exec command enabled? [false] -->
@@ -486,7 +501,7 @@
</init-param>
<init-param>
<param-name>isVirtualWebappRelative</param-name>
- <param-value>0</param-value>
+ <param-value>false</param-value>
</init-param>
</filter>
-->
@@ -494,6 +509,14 @@
<!-- ==================== Built In Filter Mappings ====================== -->
+ <!-- The mapping for the Set Character Encoding Filter -->
+<!--
+ <filter-mapping>
+ <filter-name>setCharacterEncodingFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+-->
+
<!-- The mapping for the Failed Request Filter -->
<!--
<filter-mapping>
diff --git a/dist.xml b/dist.xml
index 3ad2259..060e03c 100644
--- a/dist.xml
+++ b/dist.xml
@@ -209,14 +209,12 @@
<copy file="${commons-daemon.home}/windows/ia64/prunsrv.exe"
tofile="${tomcat.dist}/bin/i64/tomcat${version.major}.exe" />
<!-- tc native -->
- <copy file="${tomcat-native.home}/tcnative-1.dll.x86"
- tofile="${tomcat.dist}/bin/tcnative-1.dll" />
- <!-- tc native 64 bit for amd/emt -->
- <copy file="${tomcat-native.home}/tcnative-1.dll.x64"
- tofile="${tomcat.dist}/bin/x64/tcnative-1.dll" />
- <!-- tc native 64 bit for ia -->
- <copy file="${tomcat-native.home}/tcnative-1.dll.i64"
- tofile="${tomcat.dist}/bin/i64/tcnative-1.dll" />
+ <copy todir="${tomcat.dist}/bin">
+ <fileset dir="${tomcat-native.home}/bin">
+ <include name="*.dll"/>
+ <include name="**/*.dll"/>
+ </fileset>
+ </copy>
<!-- Correct permissions and line endings on "bin" scripts -->
<fixcrlf srcdir="${tomcat.dist}/bin" includes="*.sh" eol="lf" encoding="ISO-8859-1" fixlast="false" />
@@ -308,21 +306,31 @@
description="Create Windows installer" unless="skip.installer">
<echo message="Builds a Windows installer based on Nullsoft Installer"/>
<copy todir="${tomcat.dist}">
- <fileset dir="res" />
+ <fileset dir="res">
+ <include name="INSTALLLICENSE" />
+ <include name="*.bmp" />
+ <include name="*.ico" />
+ <include name="confinstall/**" />
+ </fileset>
+ </copy>
+ <copy file="res/tomcat.nsi" tofile="${tomcat.dist}/tomcat.nsi" overwrite="true" encoding="ISO-8859-1">
+ <filterset refid="version.filters"/>
</copy>
<copy file="${nsis.installoptions.dll}" todir="${tomcat.dist}" />
<copy file="${nsis.nsexec.dll}" todir="${tomcat.dist}" />
<copy file="${nsis.nsisdl.dll}" todir="${tomcat.dist}" />
- <fixcrlf srcdir="${tomcat.dist}" includes="*.txt,LICENSE,NOTICE" eol="crlf" encoding="ISO-8859-1" fixlast="false" />
- <fixcrlf srcdir="${tomcat.dist}/conf" eol="crlf" encoding="ISO-8859-1" fixlast="false" />
- <!-- Make sure the RELEASE-NOTES has Windows line endings as they may be
- displayed post-install -->
- <fixcrlf srcdir="${tomcat.dist}/webapps/ROOT"
- includes="RELEASE-NOTES.txt" eol="crlf" encoding="ISO-8859-1" fixlast="false" />
- <copy file="res/tomcat.nsi" tofile="${tomcat.dist}/tomcat.nsi" overwrite="true" encoding="ISO-8859-1">
- <filterset refid="version.filters"/>
- </copy>
+ <fixcrlf srcdir="${tomcat.dist}" eol="crlf" encoding="ISO-8859-1" fixlast="false">
+ <include name="*.txt" />
+ <include name="INSTALLLICENSE" />
+ <include name="LICENSE" />
+ <include name="NOTICE" />
+ <include name="tomcat.nsi" />
+ <include name="conf/**" />
+ <!-- Make sure the RELEASE-NOTES has Windows line endings as they may be
+ displayed post-install -->
+ <include name="webapps/ROOT/RELEASE-NOTES.txt" />
+ </fixcrlf>
<exec dir="${tomcat.dist}" executable="${nsis.exe}" osfamily="windows">
<arg value="/DNSISDIR=${nsis.home}" />
<arg value="tomcat.nsi" />
diff --git a/eclipse.classpath b/eclipse.classpath
index 2d4c766..5dfe5ce 100644
--- a/eclipse.classpath
+++ b/eclipse.classpath
@@ -20,7 +20,7 @@
<classpathentry kind="src" path="test"/>
<classpathentry kind="src" path="webapps/examples/WEB-INF/classes"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
- <classpathentry kind="var" path="TOMCAT_LIBS_BASE/ecj-3.7/ecj-3.7.jar"/>
+ <classpathentry kind="var" path="TOMCAT_LIBS_BASE/ecj-3.7.2/ecj-3.7.2.jar"/>
<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/3"/>
<classpathentry kind="var" path="ANT_HOME/lib/ant.jar"/>
<classpathentry kind="output" path=".settings/output"/>
diff --git a/java/javax/el/ResourceBundleELResolver.java b/java/javax/el/ResourceBundleELResolver.java
index 733aec9..86fbd8b 100644
--- a/java/javax/el/ResourceBundleELResolver.java
+++ b/java/javax/el/ResourceBundleELResolver.java
@@ -27,102 +27,102 @@ import java.util.ResourceBundle;
public class ResourceBundleELResolver extends ELResolver {
- public ResourceBundleELResolver() {
- super();
- }
-
- public Object getValue(ELContext context, Object base, Object property)
- throws NullPointerException, PropertyNotFoundException, ELException {
- if (context == null) {
- throw new NullPointerException();
- }
-
- if (base instanceof ResourceBundle) {
- if (property != null) {
- try {
- Object result = ((ResourceBundle) base).getObject(property
- .toString());
- context.setPropertyResolved(true);
- return result;
- } catch (MissingResourceException mre) {
- return "???" + property.toString() + "???";
- }
- }
- }
-
- return null;
- }
-
- public Class<?> getType(ELContext context, Object base, Object property)
- throws NullPointerException, PropertyNotFoundException, ELException {
- if (context == null) {
- throw new NullPointerException();
- }
-
- if (base instanceof ResourceBundle) {
- context.setPropertyResolved(true);
- }
-
- return null;
- }
-
- public void setValue(ELContext context, Object base, Object property,
- Object value) throws NullPointerException,
- PropertyNotFoundException, PropertyNotWritableException,
- ELException {
- if (context == null) {
- throw new NullPointerException();
- }
-
- if (base instanceof ResourceBundle) {
- context.setPropertyResolved(true);
- throw new PropertyNotWritableException(message(context,
- "resolverNotWriteable", new Object[] { base.getClass()
- .getName() }));
- }
- }
-
- public boolean isReadOnly(ELContext context, Object base, Object property)
- throws NullPointerException, PropertyNotFoundException, ELException {
- if (context == null) {
- throw new NullPointerException();
- }
-
- if (base instanceof ResourceBundle) {
- context.setPropertyResolved(true);
- }
-
- return true;
- }
-
- public Iterator getFeatureDescriptors(ELContext context, Object base) {
- if (base instanceof ResourceBundle) {
- List<FeatureDescriptor> feats = new ArrayList<FeatureDescriptor>();
- Enumeration e = ((ResourceBundle) base).getKeys();
- FeatureDescriptor feat;
- String key;
- while (e.hasMoreElements()) {
- key = (String) e.nextElement();
- feat = new FeatureDescriptor();
- feat.setDisplayName(key);
- feat.setExpert(false);
- feat.setHidden(false);
- feat.setName(key);
- feat.setPreferred(true);
- feat.setValue(RESOLVABLE_AT_DESIGN_TIME, Boolean.TRUE);
- feat.setValue(TYPE, String.class);
- feats.add(feat);
- }
- return feats.iterator();
- }
- return null;
- }
-
- public Class<?> getCommonPropertyType(ELContext context, Object base) {
- if (base instanceof ResourceBundle) {
- return String.class;
- }
- return null;
- }
+ public ResourceBundleELResolver() {
+ super();
+ }
+
+ public Object getValue(ELContext context, Object base, Object property)
+ throws NullPointerException, PropertyNotFoundException, ELException {
+ if (context == null) {
+ throw new NullPointerException();
+ }
+
+ if (base instanceof ResourceBundle) {
+ context.setPropertyResolved(true);
+
+ if (property != null) {
+ try {
+ return ((ResourceBundle) base).getObject(property
+ .toString());
+ } catch (MissingResourceException mre) {
+ return "???" + property.toString() + "???";
+ }
+ }
+ }
+
+ return null;
+ }
+
+ public Class<?> getType(ELContext context, Object base, Object property)
+ throws NullPointerException, PropertyNotFoundException, ELException {
+ if (context == null) {
+ throw new NullPointerException();
+ }
+
+ if (base instanceof ResourceBundle) {
+ context.setPropertyResolved(true);
+ }
+
+ return null;
+ }
+
+ public void setValue(ELContext context, Object base, Object property,
+ Object value) throws NullPointerException,
+ PropertyNotFoundException, PropertyNotWritableException,
+ ELException {
+ if (context == null) {
+ throw new NullPointerException();
+ }
+
+ if (base instanceof ResourceBundle) {
+ context.setPropertyResolved(true);
+ throw new PropertyNotWritableException(message(context,
+ "resolverNotWriteable", new Object[] { base.getClass()
+ .getName() }));
+ }
+ }
+
+ public boolean isReadOnly(ELContext context, Object base, Object property)
+ throws NullPointerException, PropertyNotFoundException, ELException {
+ if (context == null) {
+ throw new NullPointerException();
+ }
+
+ if (base instanceof ResourceBundle) {
+ context.setPropertyResolved(true);
+ }
+
+ return true;
+ }
+
+ public Iterator getFeatureDescriptors(ELContext context, Object base) {
+ if (base instanceof ResourceBundle) {
+ List<FeatureDescriptor> feats = new ArrayList<FeatureDescriptor>();
+ Enumeration e = ((ResourceBundle) base).getKeys();
+ FeatureDescriptor feat;
+ String key;
+ while (e.hasMoreElements()) {
+ key = (String) e.nextElement();
+ feat = new FeatureDescriptor();
+ feat.setDisplayName(key);
+ feat.setExpert(false);
+ feat.setHidden(false);
+ feat.setName(key);
+ feat.setPreferred(true);
+ feat.setValue(RESOLVABLE_AT_DESIGN_TIME, Boolean.TRUE);
+ feat.setValue(TYPE, String.class);
+ feats.add(feat);
+ }
+ return feats.iterator();
+ }
+ return null;
+ }
+
+ public Class<?> getCommonPropertyType(ELContext context, Object base) {
+ if (base instanceof ResourceBundle) {
+ return String.class;
+ }
+ return null;
+ }
}
diff --git a/java/javax/servlet/http/HttpServlet.java b/java/javax/servlet/http/HttpServlet.java
index 7b92854..d3615b4 100644
--- a/java/javax/servlet/http/HttpServlet.java
+++ b/java/javax/servlet/http/HttpServlet.java
@@ -751,6 +751,36 @@ class NoBodyResponse extends HttpServletResponseWrapper {
didSetContentLength = true;
}
+ public void setHeader(String name, String value) {
+ super.setHeader(name, value);
+ checkHeader(name);
+ }
+
+ @Override
+ public void addHeader(String name, String value) {
+ super.addHeader(name, value);
+ checkHeader(name);
+ }
+
+ @Override
+ public void setIntHeader(String name, int value) {
+ super.setIntHeader(name, value);
+ checkHeader(name);
+ }
+
+ @Override
+ public void addIntHeader(String name, int value) {
+ super.addIntHeader(name, value);
+ checkHeader(name);
+ }
+
+ private void checkHeader(String name) {
+ if ("content-length".equalsIgnoreCase(name)) {
+ didSetContentLength = true;
+ }
+ }
+
+ @Override
public ServletOutputStream getOutputStream() throws IOException {
return noBody;
}
diff --git a/java/org/apache/catalina/authenticator/DigestAuthenticator.java b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
index 6531619..0ba5ec9 100644
--- a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
@@ -27,9 +27,9 @@ import java.util.LinkedHashMap;
import java.util.Map;
import java.util.StringTokenizer;
+import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
@@ -47,7 +47,7 @@ import org.apache.juli.logging.LogFactory;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Id: DigestAuthenticator.java 1158180 2011-08-16 10:11:43Z markt $
+ * @version $Id: DigestAuthenticator.java 1380829 2012-09-04 19:48:27Z markt $
*/
public class DigestAuthenticator extends AuthenticatorBase {
@@ -80,6 +80,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
public DigestAuthenticator() {
super();
+ setCache(false);
try {
if (md5Helper == null)
md5Helper = MessageDigest.getInstance("MD5");
@@ -100,16 +101,16 @@ public class DigestAuthenticator extends AuthenticatorBase {
/**
- * List of client nonce values currently being tracked
+ * List of server nonce values currently being tracked
*/
- protected Map<String,NonceInfo> cnonces;
+ protected Map<String,NonceInfo> nonces;
/**
- * Maximum number of client nonces to keep in the cache. If not specified,
+ * Maximum number of server nonces to keep in the cache. If not specified,
* the default value of 1000 is used.
*/
- protected int cnonceCacheSize = 1000;
+ protected int nonceCacheSize = 1000;
/**
@@ -150,13 +151,13 @@ public class DigestAuthenticator extends AuthenticatorBase {
}
- public int getCnonceCacheSize() {
- return cnonceCacheSize;
+ public int getNonceCacheSize() {
+ return nonceCacheSize;
}
- public void setCnonceCacheSize(int cnonceCacheSize) {
- this.cnonceCacheSize = cnonceCacheSize;
+ public void setNonceCacheSize(int nonceCacheSize) {
+ this.nonceCacheSize = nonceCacheSize;
}
@@ -263,18 +264,19 @@ public class DigestAuthenticator extends AuthenticatorBase {
// Validate any credentials already included with this request
String authorization = request.getHeader("authorization");
DigestInfo digestInfo = new DigestInfo(getOpaque(), getNonceValidity(),
- getKey(), cnonces, isValidateUri());
+ getKey(), nonces, isValidateUri());
if (authorization != null) {
- if (digestInfo.validate(request, authorization, config)) {
- principal = digestInfo.authenticate(context.getRealm());
- }
+ if (digestInfo.parse(request, authorization)) {
+ if (digestInfo.validate(request, config)) {
+ principal = digestInfo.authenticate(context.getRealm());
+ }
- if (principal != null) {
- String username = parseUsername(authorization);
- register(request, response, principal,
- Constants.DIGEST_METHOD,
- username, null);
- return (true);
+ if (principal != null && !digestInfo.isNonceStale()) {
+ register(request, response, principal,
+ HttpServletRequest.DIGEST_AUTH,
+ digestInfo.getUsername(), null);
+ return true;
+ }
}
}
@@ -285,10 +287,9 @@ public class DigestAuthenticator extends AuthenticatorBase {
String nonce = generateNonce(request);
setAuthenticateHeader(request, response, config, nonce,
- digestInfo.isNonceStale());
+ principal != null && digestInfo.isNonceStale());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
- // hres.flushBuffer();
- return (false);
+ return false;
}
@@ -301,7 +302,10 @@ public class DigestAuthenticator extends AuthenticatorBase {
* can be identified, return <code>null</code>
*
* @param authorization Authorization string to be parsed
+ *
+ * @deprecated Unused. Will be removed in Tomcat 8.0.x
*/
+ @Deprecated
protected String parseUsername(String authorization) {
// Validate the authorization credentials format
@@ -345,7 +349,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
} else if (quotedString.length() > 2) {
return quotedString.substring(1, quotedString.length() - 1);
} else {
- return new String();
+ return "";
}
}
@@ -376,7 +380,14 @@ public class DigestAuthenticator extends AuthenticatorBase {
buffer = md5Helper.digest(ipTimeKey.getBytes());
}
- return currentTime + ":" + md5Encoder.encode(buffer);
+ String nonce = currentTime + ":" + md5Encoder.encode(buffer);
+
+ NonceInfo info = new NonceInfo(currentTime, 100);
+ synchronized (nonces) {
+ nonces.put(nonce, info);
+ }
+
+ return nonce;
}
@@ -450,7 +461,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
setOpaque(generateSessionId());
}
- cnonces = new LinkedHashMap<String, DigestAuthenticator.NonceInfo>() {
+ nonces = new LinkedHashMap<String, DigestAuthenticator.NonceInfo>() {
private static final long serialVersionUID = 1L;
private static final long LOG_SUPPRESS_TIME = 5 * 60 * 1000;
@@ -462,7 +473,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
Map.Entry<String,NonceInfo> eldest) {
// This is called from a sync so keep it simple
long currentTime = System.currentTimeMillis();
- if (size() > getCnonceCacheSize()) {
+ if (size() > getNonceCacheSize()) {
if (lastLog < currentTime &&
currentTime - eldest.getValue().getTimestamp() <
getNonceValidity()) {
@@ -480,10 +491,10 @@ public class DigestAuthenticator extends AuthenticatorBase {
private static class DigestInfo {
- private String opaque;
- private long nonceValidity;
- private String key;
- private Map<String,NonceInfo> cnonces;
+ private final String opaque;
+ private final long nonceValidity;
+ private final String key;
+ private final Map<String,NonceInfo> nonces;
private boolean validateUri = true;
private String userName = null;
@@ -495,21 +506,27 @@ public class DigestAuthenticator extends AuthenticatorBase {
private String cnonce = null;
private String realmName = null;
private String qop = null;
+ private String opaqueReceived = null;
private boolean nonceStale = false;
public DigestInfo(String opaque, long nonceValidity, String key,
- Map<String,NonceInfo> cnonces, boolean validateUri) {
+ Map<String,NonceInfo> nonces, boolean validateUri) {
this.opaque = opaque;
this.nonceValidity = nonceValidity;
this.key = key;
- this.cnonces = cnonces;
+ this.nonces = nonces;
this.validateUri = validateUri;
}
- public boolean validate(Request request, String authorization,
- LoginConfig config) {
+
+ public String getUsername() {
+ return userName;
+ }
+
+
+ public boolean parse(Request request, String authorization) {
// Validate the authorization credentials format
if (authorization == null) {
return false;
@@ -523,7 +540,6 @@ public class DigestAuthenticator extends AuthenticatorBase {
String[] tokens = authorization.split(",(?=(?:[^\"]*\"[^\"]*\")+$)");
method = request.getMethod();
- String opaque = null;
for (int i = 0; i < tokens.length; i++) {
String currentToken = tokens[i];
@@ -555,9 +571,13 @@ public class DigestAuthenticator extends AuthenticatorBase {
if ("response".equals(currentTokenName))
response = removeQuotes(currentTokenValue);
if ("opaque".equals(currentTokenName))
- opaque = removeQuotes(currentTokenValue);
+ opaqueReceived = removeQuotes(currentTokenValue);
}
+ return true;
+ }
+
+ public boolean validate(Request request, LoginConfig config) {
if ( (userName == null) || (realmName == null) || (nonce == null)
|| (uri == null) || (response == null) ) {
return false;
@@ -573,7 +593,23 @@ public class DigestAuthenticator extends AuthenticatorBase {
uriQuery = request.getRequestURI() + "?" + query;
}
if (!uri.equals(uriQuery)) {
- return false;
+ // Some clients (older Android) use an absolute URI for
+ // DIGEST but a relative URI in the request line.
+ // request. 2.3.5 < fixed Android version <= 4.0.3
+ String host = request.getHeader("host");
+ String scheme = request.getScheme();
+ if (host != null && !uriQuery.startsWith(scheme)) {
+ StringBuilder absolute = new StringBuilder();
+ absolute.append(scheme);
+ absolute.append("://");
+ absolute.append(host);
+ absolute.append(uriQuery);
+ if (!uri.equals(absolute.toString())) {
+ return false;
+ }
+ } else {
+ return false;
+ }
}
}
@@ -587,7 +623,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
}
// Validate the opaque string
- if (!this.opaque.equals(opaque)) {
+ if (!opaque.equals(opaqueReceived)) {
return false;
}
@@ -606,7 +642,9 @@ public class DigestAuthenticator extends AuthenticatorBase {
long currentTime = System.currentTimeMillis();
if ((currentTime - nonceTime) > nonceValidity) {
nonceStale = true;
- return false;
+ synchronized (nonces) {
+ nonces.remove(nonce);
+ }
}
String serverIpTimeKey =
request.getRemoteAddr() + ":" + nonceTime + ":" + key;
@@ -625,7 +663,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
}
// Validate cnonce and nc
- // Check if presence of nc and nonce is consistent with presence of qop
+ // Check if presence of nc and Cnonce is consistent with presence of qop
if (qop == null) {
if (cnonce != null || nc != null) {
return false;
@@ -634,7 +672,9 @@ public class DigestAuthenticator extends AuthenticatorBase {
if (cnonce == null || nc == null) {
return false;
}
- if (nc.length() != 8) {
+ // RFC 2617 says nc must be 8 digits long. Older Android clients
+ // use 6. 2.3.5 < fixed Android version <= 4.0.3
+ if (nc.length() < 6 || nc.length() > 8) {
return false;
}
long count;
@@ -644,21 +684,18 @@ public class DigestAuthenticator extends AuthenticatorBase {
return false;
}
NonceInfo info;
- synchronized (cnonces) {
- info = cnonces.get(cnonce);
+ synchronized (nonces) {
+ info = nonces.get(nonce);
}
if (info == null) {
- info = new NonceInfo();
+ // Nonce is valid but not in cache. It must have dropped out
+ // of the cache - force a re-authentication
+ nonceStale = true;
} else {
- if (count <= info.getCount()) {
+ if (!info.nonceCountValid(count)) {
return false;
}
}
- info.setCount(count);
- info.setTimestamp(currentTime);
- synchronized (cnonces) {
- cnonces.put(cnonce, info);
- }
}
return true;
}
@@ -685,19 +722,31 @@ public class DigestAuthenticator extends AuthenticatorBase {
}
private static class NonceInfo {
- private volatile long count;
private volatile long timestamp;
-
- public void setCount(long l) {
- count = l;
+ private volatile boolean seen[];
+ private volatile int offset;
+ private volatile int count = 0;
+
+ public NonceInfo(long currentTime, int seenWindowSize) {
+ this.timestamp = currentTime;
+ seen = new boolean[seenWindowSize];
+ offset = seenWindowSize / 2;
}
- public long getCount() {
- return count;
- }
-
- public void setTimestamp(long l) {
- timestamp = l;
+ public synchronized boolean nonceCountValid(long nonceCount) {
+ if ((count - offset) >= nonceCount ||
+ (nonceCount > count - offset + seen.length)) {
+ return false;
+ }
+ int checkIndex = (int) ((nonceCount + offset) % seen.length);
+ if (seen[checkIndex]) {
+ return false;
+ } else {
+ seen[checkIndex] = true;
+ seen[count % seen.length] = false;
+ count++;
+ return true;
+ }
}
public long getTimestamp() {
diff --git a/java/org/apache/catalina/authenticator/FormAuthenticator.java b/java/org/apache/catalina/authenticator/FormAuthenticator.java
index 64491ff..18df2ec 100644
--- a/java/org/apache/catalina/authenticator/FormAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -51,7 +51,7 @@ import org.apache.tomcat.util.http.MimeHeaders;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Id: FormAuthenticator.java 1195440 2011-10-31 13:05:10Z markt $
+ * @version $Id: FormAuthenticator.java 1377878 2012-08-27 21:28:04Z markt $
*/
public class FormAuthenticator
@@ -397,11 +397,11 @@ public class FormAuthenticator
return (false);
// Does the request URI match?
- String requestURI = request.getRequestURI();
- if (requestURI == null)
+ String decodedRequestURI = request.getDecodedRequestURI();
+ if (decodedRequestURI == null) {
return (false);
- return (requestURI.equals(sreq.getRequestURI()));
-
+ }
+ return (decodedRequestURI.equals(sreq.getDecodedRequestURI()));
}
@@ -547,6 +547,7 @@ public class FormAuthenticator
saved.setMethod(request.getMethod());
saved.setQueryString(request.getQueryString());
saved.setRequestURI(request.getRequestURI());
+ saved.setDecodedRequestURI(request.getDecodedRequestURI());
// Stash the SavedRequest in our session for later use
session.setNote(Constants.FORM_REQUEST_NOTE, saved);
diff --git a/java/org/apache/catalina/authenticator/SavedRequest.java b/java/org/apache/catalina/authenticator/SavedRequest.java
index 02fcdda..8d74ee1 100644
--- a/java/org/apache/catalina/authenticator/SavedRequest.java
+++ b/java/org/apache/catalina/authenticator/SavedRequest.java
@@ -39,7 +39,7 @@ import org.apache.tomcat.util.buf.ByteChunk;
* internal collection classes is performed.
*
* @author Craig R. McClanahan
- * @version $Id: SavedRequest.java 939336 2010-04-29 15:00:41Z kkolinko $
+ * @version $Id: SavedRequest.java 1377878 2012-08-27 21:28:04Z markt $
*/
public final class SavedRequest {
@@ -169,6 +169,21 @@ public final class SavedRequest {
/**
+ * The decode request URI associated with this Request. Path parameters are
+ * also excluded
+ */
+ private String decodedRequestURI = null;
+
+ public String getDecodedRequestURI() {
+ return (this.decodedRequestURI);
+ }
+
+ public void setDecodedRequestURI(String decodedRequestURI) {
+ this.decodedRequestURI = decodedRequestURI;
+ }
+
+
+ /**
* The body of this request.
*/
private ByteChunk body = null;
diff --git a/java/org/apache/catalina/connector/Connector.java b/java/org/apache/catalina/connector/Connector.java
index 6b98a98..1f816c5 100644
--- a/java/org/apache/catalina/connector/Connector.java
+++ b/java/org/apache/catalina/connector/Connector.java
@@ -18,7 +18,10 @@
package org.apache.catalina.connector;
+import java.util.Arrays;
import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Set;
import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
@@ -44,11 +47,11 @@ import org.apache.tomcat.util.modeler.Registry;
/**
- * Implementation of a Coyote connector for Tomcat 5.x.
+ * Implementation of a Coyote connector.
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Id: Connector.java 1200601 2011-11-10 22:24:17Z kkolinko $
+ * @version $Id: Connector.java 1394104 2012-10-04 14:55:59Z markt $
*/
@@ -211,6 +214,17 @@ public class Connector
*/
protected int maxSavePostSize = 4 * 1024;
+ /**
+ * Comma-separated list of HTTP methods that will be parsed according
+ * to POST-style rules for application/x-www-form-urlencoded request bodies.
+ */
+ protected String parseBodyMethods = "POST";
+
+ /**
+ * A Set of methods determined by {@link #parseBodyMethods}.
+ */
+ protected Set<String> parseBodyMethodsSet;
+
/**
* Has this component been initialized yet?
@@ -518,6 +532,35 @@ public class Connector
/**
+ * Return the maximum number of headers that are allowed by the container. A
+ * value of less than 0 means no limit.
+ */
+ public int getMaxHeaderCount() {
+ Object value = getProperty("maxHeaderCount");
+ if (value instanceof Integer) {
+ return ((Integer) value).intValue();
+ } else if (value == null) {
+ // JkCoyoteHandler does not return the actual value, but the
+ // one passed to the previous call of setProperty(), which
+ // is null by default.
+ // The actual value can be seen in JkHandler MBean "request".
+ // The default value for maxHeaderCount is known to be 100.
+ return 100;
+ }
+ return Integer.parseInt((String) value);
+ }
+
+ /**
+ * Set the maximum number of headers in a request that are allowed by the
+ * container. A value of less than 0 means no limit.
+ *
+ * @param maxHeaderCount The new setting
+ */
+ public void setMaxHeaderCount(int maxHeaderCount) {
+ setProperty("maxHeaderCount", String.valueOf(maxHeaderCount));
+ }
+
+ /**
* Return the maximum number of parameters (GET plus POST) that will be
* automatically parsed by the container. A value of less than 0 means no
* limit.
@@ -588,6 +631,33 @@ public class Connector
}
+ public String getParseBodyMethods() {
+
+ return this.parseBodyMethods;
+
+ }
+
+ public void setParseBodyMethods(String methods) {
+
+ HashSet<String> methodSet = new HashSet<String>();
+
+ if( null != methods )
+ methodSet.addAll(Arrays.asList(methods.split("\\s*,\\s*")));
+
+ if( methodSet.contains("TRACE") )
+ throw new IllegalArgumentException(sm.getString("coyoteConnector.parseBodyMethodNoTrace"));
+
+ this.parseBodyMethods = methods;
+ this.parseBodyMethodsSet = methodSet;
+
+ }
+
+ protected boolean isParseBodyMethod(String method) {
+
+ return parseBodyMethodsSet.contains(method);
+
+ }
+
/**
* Return the port number on which we listen for requests.
*/
@@ -1042,6 +1112,10 @@ public class Connector
adapter = new CoyoteAdapter(this);
protocolHandler.setAdapter(adapter);
+ // Make sure parseBodyMethodsSet has a default
+ if( null == parseBodyMethodsSet )
+ setParseBodyMethods(getParseBodyMethods());
+
IntrospectionUtils.setProperty(protocolHandler, "jkHome",
System.getProperty("catalina.base"));
diff --git a/java/org/apache/catalina/connector/CoyoteAdapter.java b/java/org/apache/catalina/connector/CoyoteAdapter.java
index 5f1587e..d28bcb2 100644
--- a/java/org/apache/catalina/connector/CoyoteAdapter.java
+++ b/java/org/apache/catalina/connector/CoyoteAdapter.java
@@ -49,7 +49,7 @@ import org.apache.tomcat.util.net.SocketStatus;
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Id: CoyoteAdapter.java 1185998 2011-10-19 07:15:30Z kkolinko $
+ * @version $Id: CoyoteAdapter.java 1232086 2012-01-16 18:10:51Z kkolinko $
*/
public class CoyoteAdapter implements Adapter {
@@ -697,7 +697,7 @@ public class CoyoteAdapter implements Adapter {
/**
* Parse session id in URL.
- * @deprecated Not used since 6.0.30
+ * @deprecated Not used since 6.0.33
*/
@Deprecated
protected void parseSessionId(org.apache.coyote.Request req, Request request) {
diff --git a/java/org/apache/catalina/connector/LocalStrings.properties b/java/org/apache/catalina/connector/LocalStrings.properties
index aab4097..ac88ff4 100644
--- a/java/org/apache/catalina/connector/LocalStrings.properties
+++ b/java/org/apache/catalina/connector/LocalStrings.properties
@@ -30,6 +30,7 @@ coyoteConnector.protocolHandlerPauseFailed=Protocol handler pause failed
coyoteConnector.protocolHandlerResumeFailed=Protocol handler resume failed
coyoteConnector.MapperRegistration=register Mapper: {0}
coyoteConnector.protocolUnregistrationFailed=Protocol handler stop failed
+coyoteConnector.parseBodyMethodNoTrace=TRACE method MUST NOT include an entity (see RFC 2616 Section 9.6)
#
# CoyoteAdapter
diff --git a/java/org/apache/catalina/connector/Request.java b/java/org/apache/catalina/connector/Request.java
index 030175a..b303c12 100644
--- a/java/org/apache/catalina/connector/Request.java
+++ b/java/org/apache/catalina/connector/Request.java
@@ -81,7 +81,7 @@ import org.apache.tomcat.util.ExceptionUtils;
*
* @author Remy Maucherat
* @author Craig R. McClanahan
- * @version $Id: Request.java 1201221 2011-11-12 08:08:36Z kkolinko $
+ * @version $Id: Request.java 1394104 2012-10-04 14:55:59Z markt $
*/
public class Request
@@ -2596,7 +2596,7 @@ public class Request
if (usingInputStream || usingReader)
return;
- if (!getMethod().equalsIgnoreCase("POST"))
+ if( !getConnector().isParseBodyMethod(getMethod()) )
return;
String contentType = getContentType();
@@ -2651,7 +2651,7 @@ public class Request
try {
formData = readChunkedPostBody();
} catch (IOException e) {
- // Client disconnect
+ // Client disconnect or chunkedPostTooLarge error
if (context.getLogger().isDebugEnabled()) {
context.getLogger().debug(
sm.getString("coyoteRequest.parseParameters"), e);
@@ -2705,7 +2705,7 @@ public class Request
if (connector.getMaxPostSize() > 0 &&
(body.getLength() + len) > connector.getMaxPostSize()) {
// Too much data
- throw new IllegalArgumentException(
+ throw new IOException(
sm.getString("coyoteRequest.chunkedPostTooLarge"));
}
if (len > 0) {
diff --git a/java/org/apache/catalina/connector/mbeans-descriptors.xml b/java/org/apache/catalina/connector/mbeans-descriptors.xml
index f47a162..8cf6687 100644
--- a/java/org/apache/catalina/connector/mbeans-descriptors.xml
+++ b/java/org/apache/catalina/connector/mbeans-descriptors.xml
@@ -110,6 +110,10 @@
description="Alias name of this connector's keypair and supporting certificate chain"
type="java.lang.String"/>
+ <attribute name="maxHeaderCount"
+ description="The maximum number of headers that are allowed by the container. 100 by default. A value of less than 0 means no limit."
+ type="int"/>
+
<attribute name="maxHttpHeaderSize"
description="Maximum size in bytes of the HTTP header"
type="int"/>
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java b/java/org/apache/catalina/core/AprLifecycleListener.java
index 6af65be..d31a22b 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -28,6 +28,8 @@ import org.apache.catalina.util.StringManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.jni.Library;
+import org.apache.tomcat.jni.SSL;
+import org.apache.tomcat.util.ExceptionUtils;
@@ -37,7 +39,7 @@ import org.apache.tomcat.jni.Library;
*
* @author Remy Maucherat
* @author Filip Hanik
- * @version $Id: AprLifecycleListener.java 1164486 2011-09-02 11:41:57Z markt $
+ * @version $Id: AprLifecycleListener.java 1330521 2012-04-25 19:59:23Z schultz $
* @since 4.1
*/
@@ -65,15 +67,23 @@ public class AprLifecycleListener
// ---------------------------------------------- Properties
protected static String SSLEngine = "on"; //default on
+ protected static String FIPSMode = "off"; // default off, valid only when SSLEngine="on"
protected static String SSLRandomSeed = "builtin";
protected static boolean sslInitialized = false;
protected static boolean aprInitialized = false;
protected static boolean sslAvailable = false;
protected static boolean aprAvailable = false;
+ protected static boolean fipsModeActive = false;
+
+ protected static final Object lock = new Object();
public static boolean isAprAvailable() {
//https://issues.apache.org/bugzilla/show_bug.cgi?id=48613
- if (instanceCreated) init();
+ if (instanceCreated) {
+ synchronized (lock) {
+ init();
+ }
+ }
return aprAvailable;
}
@@ -91,36 +101,46 @@ public class AprLifecycleListener
public void lifecycleEvent(LifecycleEvent event) {
if (Lifecycle.INIT_EVENT.equals(event.getType())) {
- init();
- if (aprAvailable) {
+ synchronized (lock) {
+ init();
+ if (aprAvailable) {
+ try {
+ initializeSSL();
+ } catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
+ log.error(sm.getString("aprListener.sslInit"), t);
+ }
+ }
+ // Failure to initialize FIPS mode is fatal
+ if ("on".equalsIgnoreCase(FIPSMode) && !isFIPSModeActive()) {
+ Error e = new Error(
+ sm.getString("aprListener.initializeFIPSFailed"));
+ // Log here, because thrown error might be not logged
+ log.fatal(e.getMessage(), e);
+ throw e;
+ }
+ }
+ } else if (Lifecycle.AFTER_STOP_EVENT.equals(event.getType())) {
+ synchronized (lock) {
+ if (!aprAvailable) {
+ return;
+ }
try {
- initializeSSL();
+ terminateAPR();
} catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
if (!log.isDebugEnabled()) {
- log.info(sm.getString("aprListener.sslInit"));
+ log.info(sm.getString("aprListener.aprDestroy"));
} else {
- log.debug(sm.getString("aprListener.sslInit"), t);
+ log.debug(sm.getString("aprListener.aprDestroy"), t);
}
}
}
- } else if (Lifecycle.AFTER_STOP_EVENT.equals(event.getType())) {
- if (!aprAvailable) {
- return;
- }
- try {
- terminateAPR();
- } catch (Throwable t) {
- if (!log.isDebugEnabled()) {
- log.info(sm.getString("aprListener.aprDestroy"));
- } else {
- log.debug(sm.getString("aprListener.aprDestroy"), t);
- }
- }
}
}
- private static synchronized void terminateAPR()
+ private static void terminateAPR()
throws ClassNotFoundException, NoSuchMethodException,
IllegalAccessException, InvocationTargetException
{
@@ -128,6 +148,11 @@ public class AprLifecycleListener
Method method = Class.forName("org.apache.tomcat.jni.Library")
.getMethod(methodName, (Class [])null);
method.invoke(null, (Object []) null);
+ aprAvailable = false;
+ aprInitialized = false;
+ sslInitialized = false; // Well we cleaned the pool in terminate.
+ sslAvailable = false; // Well we cleaned the pool in terminate.
+ fipsModeActive = false;
}
private static void init()
@@ -157,6 +182,7 @@ public class AprLifecycleListener
patch = clazz.getField("TCN_PATCH_VERSION").getInt(null);
apver = major * 1000 + minor * 100 + patch;
} catch (Throwable t) {
+ ExceptionUtils.handleThrowable(t);
if (!log.isDebugEnabled()) {
log.info(sm.getString("aprListener.aprInit",
System.getProperty("java.library.path")));
@@ -177,7 +203,7 @@ public class AprLifecycleListener
// is below required.
terminateAPR();
} catch (Throwable t) {
- // Ignore
+ ExceptionUtils.handleThrowable(t);
}
return;
}
@@ -198,7 +224,10 @@ public class AprLifecycleListener
}
if (!log.isDebugEnabled()) {
log.info(sm.getString("aprListener.tcnValid", major + "."
- + minor + "." + patch));
+ + minor + "." + patch,
+ Library.APR_MAJOR_VERSION + "."
+ + Library.APR_MINOR_VERSION + "."
+ + Library.APR_PATCH_VERSION));
}
else {
log.debug(sm.getString("aprListener.tcnValid", major + "."
@@ -210,7 +239,7 @@ public class AprLifecycleListener
aprAvailable = true;
}
- private static synchronized void initializeSSL()
+ private static void initializeSSL()
throws ClassNotFoundException, NoSuchMethodException,
IllegalAccessException, InvocationTargetException
{
@@ -239,6 +268,27 @@ public class AprLifecycleListener
method = clazz.getMethod(methodName, paramTypes);
method.invoke(null, paramValues);
+ if("on".equalsIgnoreCase(FIPSMode)) {
+ log.info(sm.getString("aprListener.initializingFIPS"));
+
+ int result = SSL.fipsModeSet(1);
+
+ // success is defined as return value = 1
+ if(1 == result) {
+ fipsModeActive = true;
+
+ log.info(sm.getString("aprListener.initializeFIPSSuccess"));
+ } else {
+ // This case should be handled by the native method,
+ // but we'll make absolutely sure, here.
+ String message = sm.getString("aprListener.initializeFIPSFailed");
+ log.error(message);
+ throw new IllegalStateException(message);
+ }
+ }
+
+ log.info(sm.getString("aprListener.initializedOpenSSL", SSL.versionString()));
+
sslAvailable = true;
}
@@ -247,7 +297,15 @@ public class AprLifecycleListener
}
public void setSSLEngine(String SSLEngine) {
- this.SSLEngine = SSLEngine;
+ if (!SSLEngine.equals(AprLifecycleListener.SSLEngine)) {
+ // Ensure that the SSLEngine is consistent with that used for SSL init
+ if (sslInitialized) {
+ throw new IllegalStateException(
+ sm.getString("aprListener.tooLateForSSLEngine"));
+ }
+
+ AprLifecycleListener.SSLEngine = SSLEngine;
+ }
}
public String getSSLRandomSeed() {
@@ -255,7 +313,34 @@ public class AprLifecycleListener
}
public void setSSLRandomSeed(String SSLRandomSeed) {
- this.SSLRandomSeed = SSLRandomSeed;
+ if (!SSLRandomSeed.equals(AprLifecycleListener.SSLRandomSeed)) {
+ // Ensure that the random seed is consistent with that used for SSL init
+ if (sslInitialized) {
+ throw new IllegalStateException(
+ sm.getString("aprListener.tooLateForSSLRandomSeed"));
+ }
+
+ AprLifecycleListener.SSLRandomSeed = SSLRandomSeed;
+ }
+ }
+
+ public String getFIPSMode() {
+ return FIPSMode;
}
+ public void setFIPSMode(String FIPSMode) {
+ if (!FIPSMode.equals(AprLifecycleListener.FIPSMode)) {
+ // Ensure that the FIPS mode is consistent with that used for SSL init
+ if (sslInitialized) {
+ throw new IllegalStateException(
+ sm.getString("aprListener.tooLateForFIPSMode"));
+ }
+
+ AprLifecycleListener.FIPSMode = FIPSMode;
+ }
+ }
+
+ public boolean isFIPSModeActive() {
+ return fipsModeActive;
+ }
}
diff --git a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
index 0fe06f8..be680df 100644
--- a/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
+++ b/java/org/apache/catalina/core/JreMemoryLeakPreventionListener.java
@@ -249,14 +249,19 @@ public class JreMemoryLeakPreventionListener implements LifecycleListener {
if(awtThreadProtection) {
java.awt.Toolkit.getDefaultToolkit();
}
-
+
/*
- * Several components end up calling:
- * sun.misc.GC.requestLatency(long)
+ * Several components end up calling
+ * sun.misc.GC.requestLatency(long) which creates a daemon
+ * thread without setting the TCCL.
*
* Those libraries / components known to trigger memory leaks
* due to eventual calls to requestLatency(long) are:
* - javax.management.remote.rmi.RMIConnectorServer.start()
+ *
+ * Note: Long.MAX_VALUE is a special case that causes the thread
+ * to terminate
+ *
*/
if (gcDaemonProtection) {
try {
@@ -264,7 +269,7 @@ public class JreMemoryLeakPreventionListener implements LifecycleListener {
Method method = clazz.getDeclaredMethod(
"requestLatency",
new Class[] {long.class});
- method.invoke(null, Long.valueOf(3600000));
+ method.invoke(null, Long.valueOf(Long.MAX_VALUE - 1));
} catch (ClassNotFoundException e) {
if (System.getProperty("java.vendor").startsWith(
"Sun")) {
diff --git a/java/org/apache/catalina/core/LocalStrings.properties b/java/org/apache/catalina/core/LocalStrings.properties
index c68dae9..26e18db 100644
--- a/java/org/apache/catalina/core/LocalStrings.properties
+++ b/java/org/apache/catalina/core/LocalStrings.properties
@@ -40,8 +40,16 @@ aprListener.tcnInvalid=An incompatible version {0} of the APR based Apache Tomca
aprListener.tcnVersion=An older version {0} of the APR based Apache Tomcat Native library is installed, while Tomcat recommends version greater than {1}
aprListener.aprDestroy=Failed shutdown of APR based Apache Tomcat Native library
aprListener.sslInit=Failed to initialize the SSLEngine.
-aprListener.tcnValid=Loaded APR based Apache Tomcat Native library {0}.
+aprListener.tcnValid=Loaded APR based Apache Tomcat Native library {0} using APR version {1}.
aprListener.flags=APR capabilities: IPv6 [{0}], sendfile [{1}], accept filters [{2}], random [{3}].
+aprListener.initializingFIPS=Initializing FIPS mode...
+aprListener.initializeFIPSSuccess=Successfully entered FIPS mode
+aprListener.initializeFIPSFailed=Failed to enter FIPS mode
+aprListener.tooLateForSSLEngine=Cannot setSSLEngine: SSL has already been initialized
+aprListener.tooLateForSSLRandomSeed=Cannot setSSLRandomSeed: SSL has already been initialized
+aprListener.tooLateForFIPSMode=Cannot setFIPSMode: SSL has already been initialized
+aprListener.initializedOpenSSL=OpenSSL successfully initialized with version {0}
+
containerBase.addDefaultMapper=Exception configuring default mapper of class {0}
containerBase.alreadyStarted=Container {0} has already been started
containerBase.notConfigured=No basic Valve has been configured
diff --git a/java/org/apache/catalina/core/LocalStrings_es.properties b/java/org/apache/catalina/core/LocalStrings_es.properties
index a3519d7..168f3bc 100644
--- a/java/org/apache/catalina/core/LocalStrings_es.properties
+++ b/java/org/apache/catalina/core/LocalStrings_es.properties
@@ -35,9 +35,10 @@ aprListener.tcnInvalid = Se encuentra instalada una versi\u00f3n incompatible {0
aprListener.tcnVersion = Se encuentra instalada una versi\u00f3n muy vieja {0} de la biblioteca nativa APR de Apache Tomcat, mientras que Tomcat recomienda una versi\u00f3n mayor de {1}
aprListener.aprDestroy = No pude apagar la biblioteca nativa de Apache Tomcat
aprListener.sslInit = No pude inicializar el SSLEngine (Motor SSL)
-aprListener.tcnValid = Cargada la biblioteca nativa APR de Apache Tomcat {0}
+aprListener.tcnValid = Cargada la biblioteca nativa APR de Apache Tomcat {0} con la versión APR {1}.
aprListener.flags = Capacidades APR\: IPv6 [{0}], enviar fichero [{1}], aceptar filtros [{2}], aleatorio [{3}].
containerBase.addDefaultMapper = Excepci\u00f3n configurando mapeador por defecto de clase {0}
+aprListener.initializedOpenSSL=OpenSSL inicializado correctamente con versión {0}
containerBase.alreadyStarted = Ya ha sido arrancado el Contenedor {0}
containerBase.notConfigured = No se ha configurado V\u00e1lvula b\u00e1sica
containerBase.notStarted = No se ha arrancado el Contenedor {0}
diff --git a/java/org/apache/catalina/core/StandardThreadExecutor.java b/java/org/apache/catalina/core/StandardThreadExecutor.java
index c2369b3..dfb9474 100644
--- a/java/org/apache/catalina/core/StandardThreadExecutor.java
+++ b/java/org/apache/catalina/core/StandardThreadExecutor.java
@@ -33,20 +33,44 @@ import java.util.concurrent.RejectedExecutionException;
public class StandardThreadExecutor implements Executor {
// ---------------------------------------------- Properties
+ /**
+ * Default thread priority
+ */
protected int threadPriority = Thread.NORM_PRIORITY;
+ /**
+ * Run threads in daemon or non-daemon state
+ */
protected boolean daemon = true;
+ /**
+ * Default name prefix for the thread name
+ */
protected String namePrefix = "tomcat-exec-";
+ /**
+ * max number of threads
+ */
protected int maxThreads = 200;
+ /**
+ * min number of threads
+ */
protected int minSpareThreads = 25;
+ /**
+ * idle time in milliseconds
+ */
protected int maxIdleTime = 60000;
+ /**
+ * The executor we use for this component
+ */
protected ThreadPoolExecutor executor = null;
+ /**
+ * the name of this thread pool
+ */
protected String name;
/**
@@ -54,6 +78,11 @@ public class StandardThreadExecutor implements Executor {
*/
protected AtomicInteger submittedTasksCount;
+ /**
+ * The maximum number of elements that can queue up before we reject them
+ */
+ protected int maxQueueSize = Integer.MAX_VALUE;
+
private LifecycleSupport lifecycle = new LifecycleSupport(this);
// ---------------------------------------------- Constructors
public StandardThreadExecutor() {
@@ -65,7 +94,7 @@ public class StandardThreadExecutor implements Executor {
// ---------------------------------------------- Public Methods
public void start() throws LifecycleException {
lifecycle.fireLifecycleEvent(BEFORE_START_EVENT, null);
- TaskQueue taskqueue = new TaskQueue();
+ TaskQueue taskqueue = new TaskQueue(maxQueueSize);
TaskThreadFactory tf = new TaskThreadFactory(namePrefix);
lifecycle.fireLifecycleEvent(START_EVENT, null);
executor = new ThreadPoolExecutor(getMinSpareThreads(), getMaxThreads(), maxIdleTime, TimeUnit.MILLISECONDS,taskqueue, tf) {
@@ -90,7 +119,27 @@ public class StandardThreadExecutor implements Executor {
submittedTasksCount = null;
lifecycle.fireLifecycleEvent(AFTER_STOP_EVENT, null);
}
-
+
+ // This method is not used by Tomcat 6, but is available in later versions
+ public void execute(Runnable command, long timeout, TimeUnit unit) {
+ if ( executor != null ) {
+ submittedTasksCount.incrementAndGet();
+ try {
+ executor.execute(command);
+ } catch (RejectedExecutionException rx) {
+ //there could have been contention around the queue
+ try {
+ if ( !( (TaskQueue) executor.getQueue()).force(command,timeout,unit) ) {
+ submittedTasksCount.decrementAndGet();
+ throw new RejectedExecutionException("Work queue full.");
+ }
+ }catch (InterruptedException x) {
+ throw new RejectedExecutionException("Interrupted.",x);
+ }
+ }
+ } else throw new IllegalStateException("StandardThreadPool not started.");
+ }
+
public void execute(Runnable command) {
if ( executor != null ) {
submittedTasksCount.incrementAndGet();
@@ -100,7 +149,7 @@ public class StandardThreadExecutor implements Executor {
//there could have been contention around the queue
if ( !( (TaskQueue) executor.getQueue()).force(command) ) {
submittedTasksCount.decrementAndGet();
- throw new RejectedExecutionException();
+ throw new RejectedExecutionException("Work queue full.");
}
}
} else throw new IllegalStateException("StandardThreadPool not started.");
@@ -172,6 +221,14 @@ public class StandardThreadExecutor implements Executor {
this.name = name;
}
+ public void setMaxQueueSize(int size) {
+ this.maxQueueSize = size;
+ }
+
+ public int getMaxQueueSize() {
+ return maxQueueSize;
+ }
+
/**
* Add a LifecycleEvent listener to this component.
*
@@ -233,8 +290,8 @@ public class StandardThreadExecutor implements Executor {
super();
}
- public TaskQueue(int initialCapacity) {
- super(initialCapacity);
+ public TaskQueue(int capacity) {
+ super(capacity);
}
public TaskQueue(Collection<? extends Runnable> c) {
@@ -250,6 +307,11 @@ public class StandardThreadExecutor implements Executor {
return super.offer(o); //forces the item onto the queue, to be used if the task is rejected
}
+ public boolean force(Runnable o, long timeout, TimeUnit unit) throws InterruptedException {
+ if ( parent.isShutdown() ) throw new RejectedExecutionException("Executor not running, can't force a command into the queue");
+ return super.offer(o,timeout,unit); //forces the item onto the queue, to be used if the task is rejected
+ }
+
public boolean offer(Runnable o) {
//we can't do any checks
if (parent==null) return super.offer(o);
diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
index 3464b1d..83ebcc6 100644
--- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
@@ -18,6 +18,7 @@
package org.apache.catalina.filters;
import java.io.IOException;
+import java.io.Serializable;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.LinkedHashMap;
@@ -33,6 +34,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
+import javax.servlet.http.HttpSession;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -153,16 +155,19 @@ public class CsrfPreventionFilter extends FilterBase {
}
}
+ HttpSession session = req.getSession(false);
+
@SuppressWarnings("unchecked")
- LruCache<String> nonceCache =
- (LruCache<String>) req.getSession(true).getAttribute(
- Constants.CSRF_NONCE_SESSION_ATTR_NAME);
-
+ LruCache<String> nonceCache = (session == null) ? null
+ : (LruCache<String>) session.getAttribute(
+ Constants.CSRF_NONCE_SESSION_ATTR_NAME);
+
if (!skipNonceCheck) {
String previousNonce =
req.getParameter(Constants.CSRF_NONCE_REQUEST_PARAM);
- if (nonceCache != null && !nonceCache.contains(previousNonce)) {
+ if (nonceCache == null || previousNonce == null ||
+ !nonceCache.contains(previousNonce)) {
res.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
@@ -170,7 +175,10 @@ public class CsrfPreventionFilter extends FilterBase {
if (nonceCache == null) {
nonceCache = new LruCache<String>(nonceCacheSize);
- req.getSession().setAttribute(
+ if (session == null) {
+ session = req.getSession(true);
+ }
+ session.setAttribute(
Constants.CSRF_NONCE_SESSION_ATTR_NAME, nonceCache);
}
@@ -294,7 +302,9 @@ public class CsrfPreventionFilter extends FilterBase {
}
}
- private static class LruCache<T> {
+ protected static class LruCache<T> implements Serializable {
+
+ private static final long serialVersionUID = 1L;
// Although the internal implementation uses a Map, this cache
// implementation is only concerned with the keys.
diff --git a/webapps/examples/WEB-INF/classes/filters/SetCharacterEncodingFilter.java b/java/org/apache/catalina/filters/SetCharacterEncodingFilter.java
similarity index 70%
copy from webapps/examples/WEB-INF/classes/filters/SetCharacterEncodingFilter.java
copy to java/org/apache/catalina/filters/SetCharacterEncodingFilter.java
index 663905e..63c99d7 100644
--- a/webapps/examples/WEB-INF/classes/filters/SetCharacterEncodingFilter.java
+++ b/java/org/apache/catalina/filters/SetCharacterEncodingFilter.java
@@ -14,18 +14,18 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
-package filters;
-
+package org.apache.catalina.filters;
import java.io.IOException;
-import javax.servlet.Filter;
+
import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+
/**
* <p>Example filter that sets the character encoding to be used in parsing the
@@ -42,7 +42,7 @@ import javax.servlet.ServletResponse;
* <code>selectEncoding()</code> method is set. If set to "false,
* <code>selectEncoding()</code> is called <strong>only</strong> if the
* client has not already specified an encoding. By default, this
- * parameter is set to "true".</li>
+ * parameter is set to "false".</li>
* </ul>
*
* <p>Although this filter can be used unchanged, it is also easy to
@@ -51,57 +51,41 @@ import javax.servlet.ServletResponse;
* the incoming request (such as the values of the <code>Accept-Language</code>
* and <code>User-Agent</code> headers, or a value stashed in the current
* user's session.</p>
- *
- * @author Craig McClanahan
- * @version $Id: SetCharacterEncodingFilter.java 939521 2010-04-30 00:16:33Z kkolinko $
*/
+public class SetCharacterEncodingFilter extends FilterBase {
-public class SetCharacterEncodingFilter implements Filter {
+ private static final Log log =
+ LogFactory.getLog(SetCharacterEncodingFilter.class);
// ----------------------------------------------------- Instance Variables
-
/**
* The default character encoding to set for requests that pass through
* this filter.
*/
- protected String encoding = null;
-
-
- /**
- * The filter configuration object we are associated with. If this value
- * is null, this filter instance is not currently configured.
- */
- protected FilterConfig filterConfig = null;
+ private String encoding = null;
+ public void setEncoding(String encoding) { this.encoding = encoding; }
+ public String getEncoding() { return encoding; }
/**
* Should a character encoding specified by the client be ignored?
*/
- protected boolean ignore = true;
+ private boolean ignore = false;
+ public void setIgnore(boolean ignore) { this.ignore = ignore; }
+ public boolean isIgnore() { return ignore; }
// --------------------------------------------------------- Public Methods
/**
- * Take this filter out of service.
- */
- public void destroy() {
-
- this.encoding = null;
- this.filterConfig = null;
-
- }
-
-
- /**
* Select and set (if specified) the character encoding to be used to
* interpret request parameters for this request.
*
* @param request The servlet request we are processing
- * @param result The servlet response we are creating
+ * @param response The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
@@ -109,46 +93,29 @@ public class SetCharacterEncodingFilter implements Filter {
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
- throws IOException, ServletException {
+ throws IOException, ServletException {
// Conditionally select and set the character encoding to be used
if (ignore || (request.getCharacterEncoding() == null)) {
- String encoding = selectEncoding(request);
- if (encoding != null)
- request.setCharacterEncoding(encoding);
+ String characterEncoding = selectEncoding(request);
+ if (characterEncoding != null) {
+ request.setCharacterEncoding(characterEncoding);
+ }
}
- // Pass control on to the next filter
+ // Pass control on to the next filter
chain.doFilter(request, response);
-
}
- /**
- * Place this filter into service.
- *
- * @param filterConfig The filter configuration object
- */
- public void init(FilterConfig filterConfig) throws ServletException {
-
- this.filterConfig = filterConfig;
- this.encoding = filterConfig.getInitParameter("encoding");
- String value = filterConfig.getInitParameter("ignore");
- if (value == null)
- this.ignore = true;
- else if (value.equalsIgnoreCase("true"))
- this.ignore = true;
- else if (value.equalsIgnoreCase("yes"))
- this.ignore = true;
- else
- this.ignore = false;
+ // ------------------------------------------------------ Protected Methods
+ @Override
+ protected Log getLogger() {
+ return log;
}
- // ------------------------------------------------------ Protected Methods
-
-
/**
* Select an appropriate character encoding to be used, based on the
* characteristics of the current request and/or filter initialization
@@ -162,10 +129,6 @@ public class SetCharacterEncodingFilter implements Filter {
* @param request The servlet request we are processing
*/
protected String selectEncoding(ServletRequest request) {
-
- return (this.encoding);
-
+ return this.encoding;
}
-
-
}
diff --git a/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java b/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
index 809ab25..1961159 100644
--- a/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
+++ b/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOn.java
@@ -21,8 +21,8 @@ package org.apache.catalina.ha.authenticator;
import java.security.Principal;
-import org.apache.catalina.Container;
import org.apache.catalina.Cluster;
+import org.apache.catalina.Container;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.LifecycleException;
@@ -31,6 +31,8 @@ import org.apache.catalina.Session;
import org.apache.catalina.authenticator.SingleSignOn;
import org.apache.catalina.ha.CatalinaCluster;
import org.apache.catalina.ha.ClusterManager;
+import org.apache.catalina.ha.session.SerializablePrincipal;
+import org.apache.catalina.realm.GenericPrincipal;
@@ -333,6 +335,12 @@ public class ClusterSingleSignOn
msg.setUsername(username);
msg.setPassword(password);
+ SerializablePrincipal sp = null;
+ if (principal instanceof GenericPrincipal) {
+ sp = SerializablePrincipal.createPrincipal((GenericPrincipal) principal);
+ msg.setPrincipal(sp);
+ }
+
cluster.sendClusterDomain(msg);
if (containerLog.isDebugEnabled())
containerLog.debug("SingleSignOnMessage Send with action "
@@ -390,6 +398,12 @@ public class ClusterSingleSignOn
msg.setUsername(username);
msg.setPassword(password);
+ SerializablePrincipal sp = null;
+ if (principal instanceof GenericPrincipal) {
+ sp = SerializablePrincipal.createPrincipal((GenericPrincipal) principal);
+ msg.setPrincipal(sp);
+ }
+
cluster.sendClusterDomain(msg);
if (containerLog.isDebugEnabled())
containerLog.debug("SingleSignOnMessage Send with action "
diff --git a/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java b/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java
index d893063..7b12c4b 100644
--- a/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java
+++ b/java/org/apache/catalina/ha/authenticator/ClusterSingleSignOnListener.java
@@ -17,6 +17,7 @@
package org.apache.catalina.ha.authenticator;
+import java.security.Principal;
import java.util.Map;
import java.io.IOException;
@@ -88,6 +89,7 @@ public class ClusterSingleSignOnListener extends ClusterListener {
SingleSignOnMessage msg = (SingleSignOnMessage) myobj;
int action = msg.getAction();
Session session = null;
+ Principal principal = null;
if (log.isDebugEnabled())
log.debug("SingleSignOnMessage Received with action "
@@ -110,12 +112,18 @@ public class ClusterSingleSignOnListener extends ClusterListener {
clusterSSO.deregisterLocal(msg.getSsoId());
break;
case SingleSignOnMessage.REGISTER_SESSION:
- clusterSSO.registerLocal(msg.getSsoId(), null, msg.getAuthType(),
- msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal = msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.registerLocal(msg.getSsoId(), principal, msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.UPDATE_SESSION:
- clusterSSO.updateLocal(msg.getSsoId(), null, msg.getAuthType(),
- msg.getUsername(), msg.getPassword());
+ if (msg.getPrincipal() != null) {
+ principal = msg.getPrincipal().getPrincipal(clusterSSO.getContainer().getRealm());
+ }
+ clusterSSO.updateLocal(msg.getSsoId(), principal, msg.getAuthType(),
+ msg.getUsername(), msg.getPassword());
break;
case SingleSignOnMessage.REMOVE_SESSION:
session = getSession(msg.getSessionId(),
diff --git a/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java b/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
index 364271c..72168b3 100644
--- a/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
+++ b/java/org/apache/catalina/ha/authenticator/SingleSignOnMessage.java
@@ -20,6 +20,7 @@ package org.apache.catalina.ha.authenticator;
import java.io.Serializable;
import org.apache.catalina.ha.ClusterMessage;
+import org.apache.catalina.ha.session.SerializablePrincipal;
import org.apache.catalina.tribes.Member;
/**
@@ -43,6 +44,7 @@ public class SingleSignOnMessage implements ClusterMessage, Serializable {
private String authType = null;
private String password = null;
private String username = null;
+ private SerializablePrincipal principal = null;
private Member address = null;
private long timestamp = 0;
@@ -169,6 +171,13 @@ public class SingleSignOnMessage implements ClusterMessage, Serializable {
this.username = username;
}
+ public SerializablePrincipal getPrincipal() {
+ return principal;
+ }
+
+ public void setPrincipal(SerializablePrincipal principal) {
+ this.principal = principal;
+ }
// --------------------------------------------------------- Public Methods
diff --git a/java/org/apache/catalina/ha/session/DeltaManager.java b/java/org/apache/catalina/ha/session/DeltaManager.java
index a2984c3..18529f2 100644
--- a/java/org/apache/catalina/ha/session/DeltaManager.java
+++ b/java/org/apache/catalina/ha/session/DeltaManager.java
@@ -41,6 +41,7 @@ import org.apache.catalina.ha.CatalinaCluster;
import org.apache.catalina.ha.ClusterMessage;
import org.apache.catalina.ha.tcp.ReplicationValve;
import org.apache.catalina.session.ManagerBase;
+import org.apache.catalina.session.TooManyActiveSessionsException;
import org.apache.catalina.tribes.Member;
import org.apache.catalina.tribes.io.ReplicationStream;
import org.apache.catalina.util.LifecycleSupport;
@@ -63,7 +64,7 @@ import org.apache.catalina.ha.ClusterManager;
* @author Craig R. McClanahan
* @author Jean-Francois Arcand
* @author Peter Rossbach
- * @version $Id: DeltaManager.java 1195848 2011-11-01 07:00:21Z kfujino $
+ * @version $Id: DeltaManager.java 1353128 2012-06-23 13:26:02Z kkolinko $
*/
public class DeltaManager extends ClusterManagerBase{
@@ -586,7 +587,9 @@ public class DeltaManager extends ClusterManagerBase{
public Session createSession(String sessionId, boolean distribute) {
if ((maxActiveSessions >= 0) && (sessions.size() >= maxActiveSessions)) {
rejectedSessions++;
- throw new IllegalStateException(sm.getString("deltaManager.createSession.ise"));
+ throw new TooManyActiveSessionsException(
+ sm.getString("deltaManager.createSession.ise"),
+ maxActiveSessions);
}
DeltaSession session = (DeltaSession) super.createSession(sessionId) ;
if (distribute) {
@@ -1381,7 +1384,7 @@ public class DeltaManager extends ClusterManagerBase{
}
/**
- * Exipre all find sessions.
+ * Expire all find sessions.
*/
public void expireAllLocalSessions()
{
@@ -1405,7 +1408,7 @@ public class DeltaManager extends ClusterManagerBase{
}//end if
}//for
long timeEnd = System.currentTimeMillis();
- if(log.isDebugEnabled()) log.debug("End expire sessions " + getName() + " exipre processingTime " + (timeEnd - timeNow) + " expired direct sessions: " + expireDirect + " expired direct sessions: " + expireIndirect);
+ if(log.isDebugEnabled()) log.debug("End expire sessions " + getName() + " expire processingTime " + (timeEnd - timeNow) + " expired direct sessions: " + expireDirect + " expired direct sessions: " + expireIndirect);
}
diff --git a/java/org/apache/catalina/ha/session/SimpleTcpReplicationManager.java b/java/org/apache/catalina/ha/session/SimpleTcpReplicationManager.java
index eacc512..f79297c 100644
--- a/java/org/apache/catalina/ha/session/SimpleTcpReplicationManager.java
+++ b/java/org/apache/catalina/ha/session/SimpleTcpReplicationManager.java
@@ -26,6 +26,7 @@ import org.apache.catalina.ha.ClusterMessage;
import org.apache.catalina.tribes.Member;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.session.StandardManager;
+import org.apache.catalina.session.TooManyActiveSessionsException;
import org.apache.catalina.tribes.io.ReplicationStream;
import java.io.ByteArrayInputStream;
import org.apache.catalina.Loader;
@@ -203,9 +204,11 @@ public class SimpleTcpReplicationManager extends StandardManager implements Clus
//inherited from the basic manager
if ((getMaxActiveSessions() >= 0) &&
- (sessions.size() >= getMaxActiveSessions()))
- throw new IllegalStateException(sm.getString("standardManager.createSession.ise"));
-
+ (sessions.size() >= getMaxActiveSessions())) {
+ throw new TooManyActiveSessionsException(
+ sm.getString("standardManager.createSession.ise"),
+ getMaxActiveSessions());
+ }
Session session = new ReplicatedSession(this);
diff --git a/java/org/apache/catalina/ha/session/mbeans-descriptors.xml b/java/org/apache/catalina/ha/session/mbeans-descriptors.xml
index 3202230..a2533d6 100644
--- a/java/org/apache/catalina/ha/session/mbeans-descriptors.xml
+++ b/java/org/apache/catalina/ha/session/mbeans-descriptors.xml
@@ -290,7 +290,7 @@ created by this Manager"
<attribute
name="expireSessionsOnShutdown"
is="true"
- description="exipre all sessions cluster wide as one node goes down"
+ description="expire all sessions cluster wide as one node goes down"
type="boolean"/>
<attribute
name="notifyListenersOnReplication"
@@ -385,7 +385,7 @@ created by this Manager"
</operation>
<operation
name="expireAllLocalSessions"
- description="Exipre all active local sessions and replicate the invalid sessions"
+ description="Expire all active local sessions and replicate the invalid sessions"
impact="ACTION"
returnType="void"> </operation>
<operation
@@ -555,7 +555,7 @@ created by this Manager"
<attribute
name="expireSessionsOnShutdown"
is="true"
- description="exipre all sessions cluster wide as one node goes down"
+ description="expire all sessions cluster wide as one node goes down"
type="boolean"/>
<attribute
name="notifyListenersOnReplication"
diff --git a/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java b/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java
index acab599..59e6e44 100644
--- a/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java
+++ b/java/org/apache/catalina/ha/tcp/SimpleTcpCluster.java
@@ -57,6 +57,7 @@ import org.apache.catalina.tribes.group.interceptors.MessageDispatch15Intercepto
import org.apache.catalina.tribes.group.interceptors.TcpFailureDetector;
import org.apache.catalina.ha.session.JvmRouteBinderValve;
import org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener;
+import org.apache.catalina.ha.session.SessionMessage;
/**
* A <b>Cluster </b> implementation using simple multicast. Responsible for
@@ -69,7 +70,7 @@ import org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener;
* @author Filip Hanik
* @author Remy Maucherat
* @author Peter Rossbach
- * @version $Id: SimpleTcpCluster.java 939514 2010-04-29 23:55:14Z kkolinko $
+ * @version $Id: SimpleTcpCluster.java 1377884 2012-08-27 21:46:29Z markt $
*/
public class SimpleTcpCluster
implements CatalinaCluster, Lifecycle, LifecycleListener, IDynamicProperty,
@@ -808,14 +809,19 @@ public class SimpleTcpCluster
public void send(ClusterMessage msg, Member dest) {
try {
msg.setAddress(getLocalMember());
+ int sendOptions = channelSendOptions;
+ if (msg instanceof SessionMessage
+ && ((SessionMessage)msg).getEventType() == SessionMessage.EVT_ALL_SESSION_DATA) {
+ sendOptions = Channel.SEND_OPTIONS_SYNCHRONIZED_ACK|Channel.SEND_OPTIONS_USE_ACK;
+ }
if (dest != null) {
if (!getLocalMember().equals(dest)) {
- channel.send(new Member[] {dest}, msg,channelSendOptions);
+ channel.send(new Member[] {dest}, msg, sendOptions);
} else
log.error("Unable to send message to local member " + msg);
} else {
if (channel.getMembers().length>0)
- channel.send(channel.getMembers(),msg,channelSendOptions);
+ channel.send(channel.getMembers(),msg, sendOptions);
else if (log.isDebugEnabled())
log.debug("No members in cluster, ignoring message:"+msg);
}
diff --git a/java/org/apache/catalina/loader/WebappClassLoader.java b/java/org/apache/catalina/loader/WebappClassLoader.java
index 5809a7a..dfc24a3 100644
--- a/java/org/apache/catalina/loader/WebappClassLoader.java
+++ b/java/org/apache/catalina/loader/WebappClassLoader.java
@@ -110,7 +110,7 @@ import org.apache.tomcat.util.IntrospectionUtils;
*
* @author Remy Maucherat
* @author Craig R. McClanahan
- * @version $Id: WebappClassLoader.java 1195412 2011-10-31 11:19:38Z markt $
+ * @version $Id: WebappClassLoader.java 1356198 2012-07-02 12:04:11Z kkolinko $
*/
public class WebappClassLoader
extends URLClassLoader
@@ -2177,8 +2177,9 @@ public class WebappClassLoader
}
// TimerThread can be stopped safely so treat separately
- if (thread.getClass().getName().equals(
- "java.util.TimerThread") &&
+ // "java.util.TimerThread" in Sun/Oracle JDK
+ // "java.util.Timer$TimerImpl" in Apache Harmony and in IBM JDK
+ if (thread.getClass().getName().startsWith("java.util.Timer") &&
clearReferencesStopTimerThreads) {
clearReferencesStopTimerThread(thread);
continue;
@@ -2201,13 +2202,29 @@ public class WebappClassLoader
// If the thread has been started via an executor, try
// shutting down the executor
try {
- Field targetField =
- thread.getClass().getDeclaredField("target");
- targetField.setAccessible(true);
- Object target = targetField.get(thread);
-
+ // Runnable wrapped by Thread
+ // "target" in Sun/Oracle JDK
+ // "runnable" in IBM JDK
+ // "action" in Apache Harmony
+ Object target = null;
+ for (String fieldName : new String[] { "target",
+ "runnable", "action" }) {
+ try {
+ Field targetField = thread.getClass()
+ .getDeclaredField(fieldName);
+ targetField.setAccessible(true);
+ target = targetField.get(thread);
+ break;
+ } catch (NoSuchFieldException nfe) {
+ continue;
+ }
+ }
+
+ // "java.util.concurrent" code is in public domain,
+ // so all implementations are similar
if (target != null &&
- target.getClass().getCanonicalName().equals(
+ target.getClass().getCanonicalName() != null
+ && target.getClass().getCanonicalName().equals(
"java.util.concurrent.ThreadPoolExecutor.Worker")) {
Field executorField =
target.getClass().getDeclaredField("this$0");
@@ -2276,37 +2293,46 @@ public class WebappClassLoader
private void clearReferencesStopTimerThread(Thread thread) {
-
+
// Need to get references to:
- // - newTasksMayBeScheduled field
+ // in Sun/Oracle JDK:
+ // - newTasksMayBeScheduled field (in java.util.TimerThread)
// - queue field
// - queue.clear()
-
+ // in IBM JDK, Apache Harmony:
+ // - cancel() method (in java.util.Timer$TimerImpl)
+
try {
- Field newTasksMayBeScheduledField =
- thread.getClass().getDeclaredField("newTasksMayBeScheduled");
- newTasksMayBeScheduledField.setAccessible(true);
- Field queueField = thread.getClass().getDeclaredField("queue");
- queueField.setAccessible(true);
-
- Object queue = queueField.get(thread);
-
- Method clearMethod = queue.getClass().getDeclaredMethod("clear");
- clearMethod.setAccessible(true);
-
- synchronized(queue) {
- newTasksMayBeScheduledField.setBoolean(thread, false);
- clearMethod.invoke(queue);
- queue.notify(); // In case queue was already empty.
+
+ try {
+ Field newTasksMayBeScheduledField =
+ thread.getClass().getDeclaredField("newTasksMayBeScheduled");
+ newTasksMayBeScheduledField.setAccessible(true);
+ Field queueField = thread.getClass().getDeclaredField("queue");
+ queueField.setAccessible(true);
+
+ Object queue = queueField.get(thread);
+
+ Method clearMethod = queue.getClass().getDeclaredMethod("clear");
+ clearMethod.setAccessible(true);
+
+ synchronized(queue) {
+ newTasksMayBeScheduledField.setBoolean(thread, false);
+ clearMethod.invoke(queue);
+ queue.notify(); // In case queue was already empty.
+ }
+
+ }catch (NoSuchFieldException nfe){
+ Method cancelMethod = thread.getClass().getDeclaredMethod("cancel");
+ synchronized(thread) {
+ cancelMethod.setAccessible(true);
+ cancelMethod.invoke(thread);
+ }
}
-
+
log.error(sm.getString("webappClassLoader.warnTimerThread",
contextName, thread.getName()));
- } catch (NoSuchFieldException e) {
- log.warn(sm.getString(
- "webappClassLoader.stopTimerThreadFail",
- thread.getName(), contextName), e);
} catch (IllegalAccessException e) {
log.warn(sm.getString(
"webappClassLoader.stopTimerThreadFail",
@@ -2340,17 +2366,27 @@ public class WebappClassLoader
Class.forName("java.lang.ThreadLocal$ThreadLocalMap");
Field tableField = tlmClass.getDeclaredField("table");
tableField.setAccessible(true);
-
+ Method expungeStaleEntriesMethod = tlmClass.getDeclaredMethod("expungeStaleEntries");
+ expungeStaleEntriesMethod.setAccessible(true);
+
for (int i = 0; i < threads.length; i++) {
Object threadLocalMap;
if (threads[i] != null) {
+
// Clear the first map
threadLocalMap = threadLocalsField.get(threads[i]);
- clearThreadLocalMap(threadLocalMap, tableField);
+ if (null != threadLocalMap){
+ expungeStaleEntriesMethod.invoke(threadLocalMap);
+ checkThreadLocalMapForLeaks(threadLocalMap, tableField);
+ }
+
// Clear the second map
threadLocalMap =
inheritableThreadLocalsField.get(threads[i]);
- clearThreadLocalMap(threadLocalMap, tableField);
+ if (null != threadLocalMap){
+ expungeStaleEntriesMethod.invoke(threadLocalMap);
+ checkThreadLocalMapForLeaks(threadLocalMap, tableField);
+ }
}
}
} catch (SecurityException e) {
@@ -2383,7 +2419,7 @@ public class WebappClassLoader
* points to the internal table to save re-calculating it on every
* call to this method.
*/
- private void clearThreadLocalMap(Object map, Field internalTableField)
+ private void checkThreadLocalMapForLeaks(Object map, Field internalTableField)
throws NoSuchMethodException, IllegalAccessException,
NoSuchFieldException, InvocationTargetException {
if (map != null) {
@@ -3256,44 +3292,53 @@ public class WebappClassLoader
* Check the specified JAR file, and return <code>true</code> if it does
* not contain any of the trigger classes.
*
- * @param jarfile The JAR file to be checked
+ * @param file The JAR file to be checked
*
* @exception IOException if an input/output error occurs
*/
- protected boolean validateJarFile(File jarfile)
+ protected boolean validateJarFile(File file)
throws IOException {
if (triggers == null)
return (true);
- JarFile jarFile = new JarFile(jarfile);
- for (int i = 0; i < triggers.length; i++) {
- Class clazz = null;
- try {
- if (parent != null) {
- clazz = parent.loadClass(triggers[i]);
- } else {
- clazz = Class.forName(triggers[i]);
+
+ JarFile jarFile = null;
+ try {
+ jarFile = new JarFile(file);
+ for (int i = 0; i < triggers.length; i++) {
+ Class<?> clazz = null;
+ try {
+ if (parent != null) {
+ clazz = parent.loadClass(triggers[i]);
+ } else {
+ clazz = Class.forName(triggers[i]);
+ }
+ } catch (Throwable t) {
+ clazz = null;
+ }
+ if (clazz == null)
+ continue;
+ String name = triggers[i].replace('.', '/') + ".class";
+ if (log.isDebugEnabled())
+ log.debug(" Checking for " + name);
+ JarEntry jarEntry = jarFile.getJarEntry(name);
+ if (jarEntry != null) {
+ log.info("validateJarFile(" + file +
+ ") - jar not loaded. See Servlet Spec 2.3, "
+ + "section 9.7.2. Offending class: " + name);
+ return false;
}
- } catch (Throwable t) {
- clazz = null;
}
- if (clazz == null)
- continue;
- String name = triggers[i].replace('.', '/') + ".class";
- if (log.isDebugEnabled())
- log.debug(" Checking for " + name);
- JarEntry jarEntry = jarFile.getJarEntry(name);
- if (jarEntry != null) {
- log.info("validateJarFile(" + jarfile +
- ") - jar not loaded. See Servlet Spec 2.3, "
- + "section 9.7.2. Offending class: " + name);
- jarFile.close();
- return (false);
+ return true;
+ } finally {
+ if (jarFile != null) {
+ try {
+ jarFile.close();
+ } catch (IOException ioe) {
+ // Ignore
+ }
}
}
- jarFile.close();
- return (true);
-
}
diff --git a/java/org/apache/catalina/manager/Constants.java b/java/org/apache/catalina/manager/Constants.java
index 239795b..fbf5f87 100644
--- a/java/org/apache/catalina/manager/Constants.java
+++ b/java/org/apache/catalina/manager/Constants.java
@@ -182,7 +182,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"<hr size=\"1\" noshade=\"noshade\">\n" +
"<center><font size=\"-1\" color=\"#525D76\">\n" +
- " <em>Copyright © 1999-2011, Apache Software Foundation</em>" +
+ " <em>Copyright © 1999-2012, Apache Software Foundation</em>" +
"</font></center>\n" +
"\n" +
"</body>\n" +
diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index 09c093e..cbc4f94 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -68,7 +68,7 @@ import org.apache.tomcat.util.http.fileupload.FileItem;
* @author Bip Thelin
* @author Malcolm Edgar
* @author Glenn L. Nielsen
-* @version $Id: HTMLManagerServlet.java 1124220 2011-05-18 12:35:40Z markt $
+* @version $Id: HTMLManagerServlet.java 1394144 2012-10-04 16:30:50Z markt $
* @see ManagerServlet
*/
@@ -406,7 +406,7 @@ public final class HTMLManagerServlet extends ManagerServlet {
}
args = new Object[7];
- args[0] = URL_ENCODER.encode(displayPath);
+ args[0] = URL_ENCODER.encode(contextPath + "/");
args[1] = RequestUtil.filter(displayPath);
if (context.getDisplayName() == null) {
args[2] = " ";
@@ -676,7 +676,7 @@ public final class HTMLManagerServlet extends ManagerServlet {
* @see javax.servlet.Servlet#getServletInfo()
*/
public String getServletInfo() {
- return "HTMLManagerServlet, Copyright (c) 1999-2011, The Apache Software Foundation";
+ return "HTMLManagerServlet, Copyright (c) 1999-2012, The Apache Software Foundation";
}
/**
diff --git a/java/org/apache/catalina/manager/host/Constants.java b/java/org/apache/catalina/manager/host/Constants.java
index 07ea555..7ed297f 100644
--- a/java/org/apache/catalina/manager/host/Constants.java
+++ b/java/org/apache/catalina/manager/host/Constants.java
@@ -186,7 +186,7 @@ public class Constants {
public static final String HTML_TAIL_SECTION =
"<hr size=\"1\" noshade=\"noshade\">\n" +
"<center><font size=\"-1\" color=\"#525D76\">\n" +
- " <em>Copyright © 1999-2011, Apache Software Foundation</em>" +
+ " <em>Copyright © 1999-2012, Apache Software Foundation</em>" +
"</font></center>\n" +
"\n" +
"</body>\n" +
diff --git a/java/org/apache/catalina/realm/DataSourceRealm.java b/java/org/apache/catalina/realm/DataSourceRealm.java
index 6371524..81d98cc 100644
--- a/java/org/apache/catalina/realm/DataSourceRealm.java
+++ b/java/org/apache/catalina/realm/DataSourceRealm.java
@@ -45,7 +45,7 @@ import org.apache.catalina.util.StringManager;
* @author Craig R. McClanahan
* @author Carson McDonald
* @author Ignacio Ortega
-* @version $Revision: 892553 $
+* @version $Revision: 1377917 $
*/
public class DataSourceRealm
@@ -542,7 +542,13 @@ public class DataSourceRealm
*/
protected ArrayList<String> getRoles(Connection dbConnection,
String username) {
-
+
+ if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) {
+ // Using an authentication only configuration and no role store has
+ // been defined so don't spend cycles looking
+ return null;
+ }
+
ResultSet rs = null;
PreparedStatement stmt = null;
ArrayList<String> list = null;
@@ -622,8 +628,13 @@ public class DataSourceRealm
}
- // ------------------------------------------------------ Lifecycle Methods
+ private boolean isRoleStoreDefined() {
+ return userRoleTable != null || roleNameCol != null;
+ }
+
+
+ // ------------------------------------------------------ Lifecycle Methods
/**
*
diff --git a/java/org/apache/catalina/realm/JDBCRealm.java b/java/org/apache/catalina/realm/JDBCRealm.java
index 31a50cb..a907890 100644
--- a/java/org/apache/catalina/realm/JDBCRealm.java
+++ b/java/org/apache/catalina/realm/JDBCRealm.java
@@ -47,7 +47,7 @@ import org.apache.catalina.util.StringManager;
* @author Craig R. McClanahan
* @author Carson McDonald
* @author Ignacio Ortega
-* @version $Id: JDBCRealm.java 939518 2010-04-30 00:08:58Z kkolinko $
+* @version $Id: JDBCRealm.java 1377888 2012-08-27 22:04:52Z markt $
*/
public class JDBCRealm
@@ -619,6 +619,12 @@ public class JDBCRealm
*/
protected ArrayList<String> getRoles(String username) {
+ if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) {
+ // Using an authentication only configuration and no role store has
+ // been defined so don't spend cycles looking
+ return null;
+ }
+
PreparedStatement stmt = null;
ResultSet rs = null;
@@ -678,8 +684,7 @@ public class JDBCRealm
numberOfTries--;
}
- return (null);
-
+ return null;
}
@@ -765,9 +770,13 @@ public class JDBCRealm
}
- // ------------------------------------------------------ Lifecycle Methods
+ private boolean isRoleStoreDefined() {
+ return userRoleTable != null || roleNameCol != null;
+ }
+ // ------------------------------------------------------ Lifecycle Methods
+
/**
*
* Prepare for active use of the public methods of this Component.
diff --git a/java/org/apache/catalina/realm/LocalStrings.properties b/java/org/apache/catalina/realm/LocalStrings.properties
index 367eeee..c834928 100644
--- a/java/org/apache/catalina/realm/LocalStrings.properties
+++ b/java/org/apache/catalina/realm/LocalStrings.properties
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-# $Id: LocalStrings.properties 892553 2009-12-20 02:32:53Z markt $
+# $Id: LocalStrings.properties 1345575 2012-06-02 21:06:49Z kkolinko $
# language
@@ -75,6 +75,11 @@ realmBase.notAuthenticated=Configuration error: Cannot perform access control w
realmBase.notStarted=This Realm has not yet been started
realmBase.authenticateFailure=Username {0} NOT successfully authenticated
realmBase.authenticateSuccess=Username {0} successfully authenticated
+realmBase.gotX509Username=Got user name from X509 certificate: {0}
+realmBase.createUsernameRetriever.ClassCastException=Class {0} is not an X509UsernameRetriever.
+realmBase.createUsernameRetriever.ClassNotFoundException=Cannot find class {0}.
+realmBase.createUsernameRetriever.InstantiationException=Cannot create object of type {0}.
+realmBase.createUsernameRetriever.IllegalAccessException=Cannot create object of type {0}.
userDatabaseRealm.authenticateError=Login configuration error authenticating username {0}
userDatabaseRealm.lookup=Exception looking up UserDatabase under key {0}
userDatabaseRealm.noDatabase=No UserDatabase component found under key {0}
diff --git a/java/org/apache/catalina/realm/RealmBase.java b/java/org/apache/catalina/realm/RealmBase.java
index 56bb3e4..ba2df26 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -45,7 +45,6 @@ import org.apache.catalina.Realm;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.core.ContainerBase;
-import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.catalina.deploy.SecurityCollection;
import org.apache.catalina.util.HexUtils;
@@ -62,7 +61,7 @@ import org.apache.tomcat.util.modeler.Registry;
* location) are identical to those currently supported by Tomcat 3.X.
*
* @author Craig R. McClanahan
- * @version $Id: RealmBase.java 1158180 2011-08-16 10:11:43Z markt $
+ * @version $Id: RealmBase.java 1381035 2012-09-05 07:10:10Z kkolinko $
*/
public abstract class RealmBase
@@ -154,7 +153,17 @@ public abstract class RealmBase
*/
protected boolean validate = true;
-
+ /**
+ * The name of the class to use for retrieving user names from X509
+ * certificates.
+ */
+ protected String x509UsernameRetrieverClassName;
+
+ /**
+ * The object that will extract user names from X509 client certificates.
+ */
+ protected X509UsernameRetriever x509UsernameRetriever;
+
/**
* The all role mode.
*/
@@ -278,6 +287,28 @@ public abstract class RealmBase
}
+ /**
+ * Gets the name of the class that will be used to extract user names
+ * from X509 client certificates.
+ * @return The name of the class that will be used to extract user names
+ * from X509 client certificates.
+ */
+ public String getX509UsernameRetrieverClassName() {
+ return x509UsernameRetrieverClassName;
+ }
+
+ /**
+ * Sets the name of the class that will be used to extract user names
+ * from X509 client certificates. The class must implement
+ * X509UsernameRetriever.
+ *
+ * @param className The name of the class that will be used to extract user names
+ * from X509 client certificates.
+ * @see X509UsernameRetriever
+ */
+ public void setX509UsernameRetrieverClassName(String className) {
+ this.x509UsernameRetrieverClassName = className;
+ }
// --------------------------------------------------------- Public Methods
@@ -734,31 +765,6 @@ public abstract class RealmBase
if (constraints == null || constraints.length == 0)
return (true);
- // Specifically allow access to the form login and form error pages
- // and the "j_security_check" action
- LoginConfig config = context.getLoginConfig();
- if ((config != null) &&
- (Constants.FORM_METHOD.equals(config.getAuthMethod()))) {
- String requestURI = request.getRequestPathMB().toString();
- String loginPage = config.getLoginPage();
- if (loginPage.equals(requestURI)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to login page " + loginPage);
- return (true);
- }
- String errorPage = config.getErrorPage();
- if (errorPage.equals(requestURI)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to error page " + errorPage);
- return (true);
- }
- if (requestURI.endsWith(Constants.FORM_ACTION)) {
- if (log.isDebugEnabled())
- log.debug(" Allow access to username/password submission");
- return (true);
- }
- }
-
// Which user principal have we already authenticated?
Principal principal = request.getPrincipal();
boolean status = false;
@@ -1213,9 +1219,14 @@ public abstract class RealmBase
* Return the Principal associated with the given certificate.
*/
protected Principal getPrincipal(X509Certificate usercert) {
- return(getPrincipal(usercert.getSubjectDN().getName()));
+ String username = x509UsernameRetriever.getUsername(usercert);
+
+ if(log.isDebugEnabled())
+ log.debug(sm.getString("realmBase.gotX509Username", username));
+
+ return(getPrincipal(username));
}
-
+
/**
* Return the Principal associated with the given user name.
@@ -1359,7 +1370,14 @@ public abstract class RealmBase
if (container != null) {
this.containerLog = container.getLogger();
}
-
+
+ try {
+ x509UsernameRetriever =
+ createUsernameRetriever(x509UsernameRetrieverClassName);
+ } catch (LifecycleException ex) {
+ log.error(ex.getMessage(), ex);
+ }
+
initialized=true;
if( container== null ) {
ObjectName parent=null;
@@ -1460,4 +1478,23 @@ public abstract class RealmBase
}
}
+ private static X509UsernameRetriever createUsernameRetriever(String className)
+ throws LifecycleException {
+ if(null == className || "".equals(className.trim()))
+ return new X509SubjectDnRetriever();
+
+ try {
+ @SuppressWarnings("unchecked")
+ Class<? extends X509UsernameRetriever> clazz = (Class<? extends X509UsernameRetriever>)Class.forName(className);
+ return clazz.newInstance();
+ } catch (ClassNotFoundException e) {
+ throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.ClassNotFoundException", className), e);
+ } catch (InstantiationException e) {
+ throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.InstantiationException", className), e);
+ } catch (IllegalAccessException e) {
+ throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.IllegalAccessException", className), e);
+ } catch (ClassCastException e) {
+ throw new LifecycleException(sm.getString("realmBase.createUsernameRetriever.ClassCastException", className), e);
+ }
+ }
}
diff --git a/java/javax/el/ELContextEvent.java b/java/org/apache/catalina/realm/X509SubjectDnRetriever.java
similarity index 69%
copy from java/javax/el/ELContextEvent.java
copy to java/org/apache/catalina/realm/X509SubjectDnRetriever.java
index 6c5c17e..03d33d3 100644
--- a/java/javax/el/ELContextEvent.java
+++ b/java/org/apache/catalina/realm/X509SubjectDnRetriever.java
@@ -5,34 +5,26 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+package org.apache.catalina.realm;
-package javax.el;
-
-import java.util.EventObject;
+import java.security.cert.X509Certificate;
/**
- *
+ * An X509UsernameRetriever that returns a certificate's entire
+ * SubjectDN as the username.
*/
-public class ELContextEvent extends EventObject {
+public class X509SubjectDnRetriever implements X509UsernameRetriever {
- /**
- * @param source
- */
- public ELContextEvent(ELContext source) {
- super(source);
- }
-
- public ELContext getELContext() {
- return (ELContext) this.getSource();
+ public String getUsername(X509Certificate clientCert) {
+ return clientCert.getSubjectDN().getName();
}
-
}
diff --git a/java/org/apache/catalina/SessionListener.java b/java/org/apache/catalina/realm/X509UsernameRetriever.java
similarity index 63%
copy from java/org/apache/catalina/SessionListener.java
copy to java/org/apache/catalina/realm/X509UsernameRetriever.java
index a7a4693..671fe08 100644
--- a/java/org/apache/catalina/SessionListener.java
+++ b/java/org/apache/catalina/realm/X509UsernameRetriever.java
@@ -5,38 +5,29 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+package org.apache.catalina.realm;
-
-package org.apache.catalina;
-
-
-
+import java.security.cert.X509Certificate;
/**
- * Interface defining a listener for significant Session generated events.
- *
- * @author Craig R. McClanahan
- * @version $Id: SessionListener.java 939350 2010-04-29 15:36:29Z kkolinko $
+ * Provides an interface for retrieving a user name from an X509Certificate.
*/
-
-public interface SessionListener {
-
-
+public interface X509UsernameRetriever {
/**
- * Acknowledge the occurrence of the specified event.
+ * Gets a user name from an X509Certificate.
*
- * @param event SessionEvent that has occurred
+ * @param cert The certificate containing the user name.
+ * @return An appropriate user name obtained from one or more fields
+ * in the certificate.
*/
- public void sessionEvent(SessionEvent event);
-
-
+ public String getUsername(X509Certificate cert);
}
diff --git a/java/org/apache/catalina/session/ManagerBase.java b/java/org/apache/catalina/session/ManagerBase.java
index cab1f71..05f4738 100644
--- a/java/org/apache/catalina/session/ManagerBase.java
+++ b/java/org/apache/catalina/session/ManagerBase.java
@@ -25,6 +25,7 @@ import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.MessageDigest;
@@ -66,7 +67,7 @@ import org.apache.tomcat.util.modeler.Registry;
* be subclassed to create more sophisticated Manager implementations.
*
* @author Craig R. McClanahan
- * @version $Id: ManagerBase.java 1137629 2011-06-20 13:38:23Z markt $
+ * @version $Id: ManagerBase.java 1394455 2012-10-05 11:44:10Z markt $
*/
public abstract class ManagerBase implements Manager, MBeanRegistration {
@@ -74,8 +75,20 @@ public abstract class ManagerBase implements Manager, MBeanRegistration {
// ----------------------------------------------------- Instance Variables
+ private static final String devRandomSourceDefault;
+ static {
+ // - Use the default value only if it is a Unix-like system
+ // - Check that it exists
+ File f = new File("/dev/urandom");
+ if (f.isAbsolute() && f.exists()) {
+ devRandomSourceDefault = f.getPath();
+ } else {
+ devRandomSourceDefault = null;
+ }
+ }
+
protected DataInputStream randomIS=null;
- protected String devRandomSource="/dev/urandom";
+ protected String devRandomSource = devRandomSourceDefault;
/**
* The default message digest algorithm to use if we cannot use
@@ -237,34 +250,17 @@ public abstract class ManagerBase implements Manager, MBeanRegistration {
private class PrivilegedSetRandomFile
- implements PrivilegedAction<DataInputStream>{
-
+ implements PrivilegedAction<Void>{
+
+ private final String s;
+
public PrivilegedSetRandomFile(String s) {
- devRandomSource = s;
+ this.s = s;
}
-
- public DataInputStream run(){
- try {
- File f=new File( devRandomSource );
- if( ! f.exists() ) return null;
- randomIS= new DataInputStream( new FileInputStream(f));
- randomIS.readLong();
- if( log.isDebugEnabled() )
- log.debug( "Opening " + devRandomSource );
- return randomIS;
- } catch (IOException ex){
- log.warn("Error reading " + devRandomSource, ex);
- if (randomIS != null) {
- try {
- randomIS.close();
- } catch (Exception e) {
- log.warn("Failed to close randomIS.");
- }
- }
- devRandomSource = null;
- randomIS=null;
- return null;
- }
+
+ public Void run(){
+ doSetRandomFile(s);
+ return null;
}
}
@@ -416,7 +412,12 @@ public abstract class ManagerBase implements Manager, MBeanRegistration {
// Ignore
}
if (apr) {
- setEntropy(new String(result));
+ try {
+ setEntropy(new String(result, "ISO-8859-1"));
+ } catch (UnsupportedEncodingException ux) {
+ // ISO-8859-1 should always be supported
+ throw new Error(ux);
+ }
} else {
setEntropy(this.toString());
}
@@ -538,27 +539,49 @@ public abstract class ManagerBase implements Manager, MBeanRegistration {
// as a hack, you can use a static file - and generate the same
// session ids ( good for strange debugging )
if (Globals.IS_SECURITY_ENABLED){
- randomIS = AccessController.doPrivileged(new PrivilegedSetRandomFile(s));
+ AccessController.doPrivileged(new PrivilegedSetRandomFile(s));
} else {
- try{
- devRandomSource=s;
- File f=new File( devRandomSource );
- if( ! f.exists() ) return;
- randomIS= new DataInputStream( new FileInputStream(f));
- randomIS.readLong();
- if( log.isDebugEnabled() )
- log.debug( "Opening " + devRandomSource );
- } catch( IOException ex ) {
- log.warn("Error reading " + devRandomSource, ex);
- if (randomIS != null) {
- try {
- randomIS.close();
- } catch (Exception e) {
- log.warn("Failed to close randomIS.");
- }
+ doSetRandomFile(s);
+ }
+ }
+
+ private void doSetRandomFile(String s) {
+ DataInputStream is = null;
+ try {
+ if (s == null || s.length() == 0) {
+ return;
+ }
+ File f = new File(s);
+ if( ! f.exists() ) return;
+ if( log.isDebugEnabled() ) {
+ log.debug( "Opening " + s );
+ }
+ is = new DataInputStream( new FileInputStream(f));
+ is.readLong();
+ } catch( IOException ex ) {
+ log.warn("Error reading " + s, ex);
+ if (is != null) {
+ try {
+ is.close();
+ } catch (Exception ex2) {
+ log.warn("Failed to close " + s, ex2);
}
+ is = null;
+ }
+ } finally {
+ DataInputStream oldIS = randomIS;
+ if (is != null) {
+ devRandomSource = s;
+ } else {
devRandomSource = null;
- randomIS=null;
+ }
+ randomIS = is;
+ if (oldIS != null) {
+ try {
+ oldIS.close();
+ } catch (Exception ex) {
+ log.warn("Failed to close RandomIS", ex);
+ }
}
}
}
@@ -580,7 +603,7 @@ public abstract class ManagerBase implements Manager, MBeanRegistration {
long t1 = seed;
char entropy[] = getEntropy().toCharArray();
for (int i = 0; i < entropy.length; i++) {
- long update = ((byte) entropy[i]) << ((i % 8) * 8);
+ long update = ((long) entropy[i]) << ((i % 8) * 8);
seed ^= update;
}
try {
diff --git a/java/org/apache/catalina/session/StandardManager.java b/java/org/apache/catalina/session/StandardManager.java
index 5053fc7..dd381a0 100644
--- a/java/org/apache/catalina/session/StandardManager.java
+++ b/java/org/apache/catalina/session/StandardManager.java
@@ -59,7 +59,7 @@ import org.apache.catalina.security.SecurityUtil;
*
* @author Craig R. McClanahan
* @author Jean-Francois Arcand
- * @version $Id: StandardManager.java 1056768 2011-01-08 19:15:44Z markt $
+ * @version $Id: StandardManager.java 1353128 2012-06-23 13:26:02Z kkolinko $
*/
public class StandardManager
@@ -284,8 +284,9 @@ public class StandardManager
if ((maxActiveSessions >= 0) &&
(sessions.size() >= maxActiveSessions)) {
rejectedSessions++;
- throw new IllegalStateException
- (sm.getString("standardManager.createSession.ise"));
+ throw new TooManyActiveSessionsException(
+ sm.getString("standardManager.createSession.ise"),
+ maxActiveSessions);
}
return (super.createSession(sessionId));
diff --git a/java/org/apache/catalina/session/TooManyActiveSessionsException.java b/java/org/apache/catalina/session/TooManyActiveSessionsException.java
new file mode 100644
index 0000000..a6198cc
--- /dev/null
+++ b/java/org/apache/catalina/session/TooManyActiveSessionsException.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.session;
+
+/**
+ * An exception that indicates the maximum number of active sessions has been
+ * reached and the server is refusing to create any new sessions.
+ */
+public class TooManyActiveSessionsException
+ extends IllegalStateException
+{
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * The maximum number of active sessions the server will tolerate.
+ */
+ private final int maxActiveSessions;
+
+ /**
+ * Creates a new TooManyActiveSessionsException.
+ *
+ * @param message A description for the exception.
+ * @param maxActive The maximum number of active sessions allowed by the
+ * session manager.
+ */
+ public TooManyActiveSessionsException(String message,
+ int maxActive)
+ {
+ super(message);
+
+ maxActiveSessions = maxActive;
+ }
+
+ /**
+ * Gets the maximum number of sessions allowed by the session manager.
+ *
+ * @return The maximum number of sessions allowed by the session manager.
+ */
+ public int getMaxActiveSessions()
+ {
+ return maxActiveSessions;
+ }
+}
diff --git a/java/org/apache/catalina/startup/ContextConfig.java b/java/org/apache/catalina/startup/ContextConfig.java
index 600fcaf..11b041b 100644
--- a/java/org/apache/catalina/startup/ContextConfig.java
+++ b/java/org/apache/catalina/startup/ContextConfig.java
@@ -64,7 +64,7 @@ import org.xml.sax.SAXParseException;
*
* @author Craig R. McClanahan
* @author Jean-Francois Arcand
- * @version $Id: ContextConfig.java 964731 2010-07-16 10:12:01Z markt $
+ * @version $Id: ContextConfig.java 1228244 2012-01-06 16:09:08Z kkolinko $
*/
public class ContextConfig
@@ -964,14 +964,14 @@ public class ContextConfig
docBase = "ROOT";
} else {
if (path.startsWith("/")) {
- docBase = path.substring(1);
+ docBase = path.substring(1).replace('/','#');
} else {
- docBase = path;
+ docBase = path.replace('/','#');
}
}
File file = null;
- if (docBase.toLowerCase().endsWith(".war")) {
+ if (originalDocBase.toLowerCase().endsWith(".war")) {
file = new File(System.getProperty("java.io.tmpdir"),
deploymentCount++ + "-" + docBase + ".war");
} else {
diff --git a/java/org/apache/catalina/startup/ExpandWar.java b/java/org/apache/catalina/startup/ExpandWar.java
index e10f533..8d26134 100644
--- a/java/org/apache/catalina/startup/ExpandWar.java
+++ b/java/org/apache/catalina/startup/ExpandWar.java
@@ -42,7 +42,7 @@ import org.apache.juli.logging.LogFactory;
* @author Craig R. McClanahan
* @author Remy Maucherat
* @author Glenn L. Nielsen
- * @version $Revision: 892815 $
+ * @version $Revision: 1371355 $
*/
public class ExpandWar {
@@ -132,7 +132,8 @@ public class ExpandWar {
}
// Create the new document base directory
- docBase.mkdir();
+ if(!docBase.mkdir() && !docBase.isDirectory())
+ throw new IOException(sm.getString("expandWar.createFailed", docBase));
// Expand the WAR into the new document base directory
String canonicalDocBasePrefix = docBase.getCanonicalPath();
@@ -162,7 +163,9 @@ public class ExpandWar {
if (last >= 0) {
File parent = new File(docBase,
name.substring(0, last));
- parent.mkdirs();
+
+ if(!parent.mkdirs() && !parent.isDirectory())
+ throw new IOException(sm.getString("expandWar.createFailed", parent));
}
if (name.endsWith("/")) {
continue;
diff --git a/java/org/apache/catalina/startup/LocalStrings.properties b/java/org/apache/catalina/startup/LocalStrings.properties
index 4d24771..c165054 100644
--- a/java/org/apache/catalina/startup/LocalStrings.properties
+++ b/java/org/apache/catalina/startup/LocalStrings.properties
@@ -59,6 +59,7 @@ engineConfig.cce=Lifecycle event data object {0} is not an Engine
engineConfig.start=EngineConfig: Processing START
engineConfig.stop=EngineConfig: Processing STOP
expandWar.copy=Error copying {0} to {1}
+expandWar.createFailed=Unable to create the directory [{0}]
expandWar.deleteFailed=[{0}] could not be completely deleted. The presence of the remaining files may cause problems
expandWar.illegalPath=The archive [{0}] is malformed and will be ignored: an entry contains an illegal path [{1}]
hostConfig.appBase=Application base directory {0} does not exist
diff --git a/java/org/apache/catalina/startup/TldConfig.java b/java/org/apache/catalina/startup/TldConfig.java
index b9e3f96..935bac6 100644
--- a/java/org/apache/catalina/startup/TldConfig.java
+++ b/java/org/apache/catalina/startup/TldConfig.java
@@ -87,6 +87,8 @@ public final class TldConfig implements LifecycleListener {
noTldJars.add("jasper.jar");
noTldJars.add("jasper-el.jar");
noTldJars.add("ecj-3.7.jar");
+ noTldJars.add("ecj-3.7.1.jar");
+ noTldJars.add("ecj-3.7.2.jar");
noTldJars.add("jsp-api.jar");
noTldJars.add("servlet-api.jar");
noTldJars.add("tomcat-coyote.jar");
diff --git a/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java b/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java
index 69491ea..598a75e 100644
--- a/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java
+++ b/java/org/apache/catalina/tribes/group/interceptors/TcpPingInterceptor.java
@@ -27,6 +27,7 @@ import org.apache.catalina.tribes.ChannelMessage;
import org.apache.catalina.tribes.Member;
import org.apache.catalina.tribes.group.ChannelInterceptorBase;
import org.apache.catalina.tribes.io.ChannelData;
+import org.apache.catalina.tribes.io.XByteBuffer;
/**
*
@@ -62,7 +63,7 @@ public class TcpPingInterceptor extends ChannelInterceptorBase {
public synchronized void start(int svc) throws ChannelException {
super.start(svc);
running = true;
- if ( thread == null ) {
+ if ( thread == null && useThread) {
thread = new PingThread();
thread.setDaemon(true);
thread.setName("TcpPingInterceptor.PingThread-"+cnt.addAndGet(1));
@@ -83,8 +84,10 @@ public class TcpPingInterceptor extends ChannelInterceptorBase {
public void stop(int svc) throws ChannelException {
running = false;
- if ( thread != null ) thread.interrupt();
- thread = null;
+ if ( thread != null ) {
+ thread.interrupt();
+ thread = null;
+ }
super.stop(svc);
}
@@ -118,13 +121,17 @@ public class TcpPingInterceptor extends ChannelInterceptorBase {
}
protected void sendPing() {
- if (failureDetector.get()!=null) {
- //we have a reference to the failure detector
- //piggy back on that dude
- failureDetector.get().checkMembers(true);
- }else {
- if (staticOnly && staticMembers.get()!=null) {
- sendPingMessage(staticMembers.get().getMembers());
+ TcpFailureDetector tcpFailureDetector =
+ failureDetector != null ? failureDetector.get() : null;
+ if (tcpFailureDetector != null) {
+ // We have a reference to the failure detector
+ // Piggy back on it
+ tcpFailureDetector.checkMembers(true);
+ } else {
+ StaticMembershipInterceptor smi =
+ staticOnly && staticMembers != null ? staticMembers.get() : null;
+ if (smi != null) {
+ sendPingMessage(smi.getMembers());
} else {
sendPingMessage(getMembers());
}
@@ -137,6 +144,7 @@ public class TcpPingInterceptor extends ChannelInterceptorBase {
data.setAddress(getLocalMember(false));
data.setTimestamp(System.currentTimeMillis());
data.setOptions(getOptionFlag());
+ data.setMessage(new XByteBuffer(TCP_PING_DATA, false));
try {
super.sendMessage(members, data, null);
}catch (ChannelException x) {
diff --git a/java/org/apache/catalina/tribes/membership/McastServiceImpl.java b/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
index de94974..93f32d6 100644
--- a/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
+++ b/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
@@ -40,7 +40,7 @@ import java.net.BindException;
* Need to fix this, could use java.nio and only need one thread to send and receive, or
* just use a timeout on the receive
* @author Filip Hanik
- * @version $Id: McastServiceImpl.java 939515 2010-04-29 23:59:49Z kkolinko $
+ * @version $Id: McastServiceImpl.java 1233433 2012-01-19 15:32:27Z markt $
*/
public class McastServiceImpl
{
@@ -353,7 +353,7 @@ public class McastServiceImpl
for (int i = 0; i < expired.length; i++) {
final MemberImpl member = expired[i];
if (log.isDebugEnabled())
- log.debug("Mcast exipre member " + expired[i]);
+ log.debug("Mcast expire member " + expired[i]);
try {
Thread t = new Thread() {
public void run() {
diff --git a/java/org/apache/catalina/util/ExtensionValidator.java b/java/org/apache/catalina/util/ExtensionValidator.java
index b4d0e76..c855b76 100644
--- a/java/org/apache/catalina/util/ExtensionValidator.java
+++ b/java/org/apache/catalina/util/ExtensionValidator.java
@@ -42,12 +42,12 @@ import org.apache.naming.resources.Resource;
* are met. This class builds a master list of extensions available to an
* applicaiton and then validates those extensions.
*
- * See http://java.sun.com/j2se/1.4/docs/guide/extensions/spec.html for
+ * See http://docs.oracle.com/javase/1.4.2/docs/guide/extensions/spec.html for
* a detailed explanation of the extension mechanism in Java.
*
* @author Greg Murray
* @author Justyna Horwat
- * @version $Id: ExtensionValidator.java 939353 2010-04-29 15:50:43Z kkolinko $
+ * @version $Id: ExtensionValidator.java 1338182 2012-05-14 12:47:12Z kkolinko $
*
*/
public final class ExtensionValidator {
diff --git a/java/org/apache/catalina/util/HexUtils.java b/java/org/apache/catalina/util/HexUtils.java
index 685e63b..54430f7 100644
--- a/java/org/apache/catalina/util/HexUtils.java
+++ b/java/org/apache/catalina/util/HexUtils.java
@@ -30,27 +30,6 @@ import java.io.ByteArrayOutputStream;
public final class HexUtils {
// Code from Ajp11, from Apache's JServ
- // Table for HEX to DEC byte translation
- public static final int[] DEC = {
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- 00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1,
- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- };
-
-
/**
* The string manager for this package.
@@ -121,41 +100,6 @@ public final class HexUtils {
}
- /**
- * Convert 4 hex digits to an int, and return the number of converted
- * bytes.
- *
- * @param hex Byte array containing exactly four hexadecimal digits
- *
- * @exception IllegalArgumentException if an invalid hexadecimal digit
- * is included
- */
- public static int convert2Int( byte[] hex ) {
- // Code from Ajp11, from Apache's JServ
-
- // assert b.length==4
- // assert valid data
- int len;
- if(hex.length < 4 ) return 0;
- if( DEC[hex[0]]<0 )
- throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len = DEC[hex[0]];
- len = len << 4;
- if( DEC[hex[1]]<0 )
- throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[1]];
- len = len << 4;
- if( DEC[hex[2]]<0 )
- throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[2]];
- len = len << 4;
- if( DEC[hex[3]]<0 )
- throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[3]];
- return len;
- }
-
-
/**
* [Private] Convert the specified value (0 .. 15) to the corresponding
diff --git a/java/org/apache/catalina/valves/ErrorReportValve.java b/java/org/apache/catalina/valves/ErrorReportValve.java
index f6df3bf..f1af4a2 100644
--- a/java/org/apache/catalina/valves/ErrorReportValve.java
+++ b/java/org/apache/catalina/valves/ErrorReportValve.java
@@ -21,6 +21,7 @@ package org.apache.catalina.valves;
import java.io.IOException;
import java.io.Writer;
+import java.util.Scanner;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
@@ -45,7 +46,7 @@ import org.apache.catalina.util.StringManager;
* @author <a href="mailto:nicolaken at supereva.it">Nicola Ken Barozzi</a> Aisa
* @author <a href="mailto:stefano at apache.org">Stefano Mazzocchi</a>
* @author Yoav Shapira
- * @version $Id: ErrorReportValve.java 939353 2010-04-29 15:50:43Z kkolinko $
+ * @version $Id: ErrorReportValve.java 1377876 2012-08-27 21:21:44Z markt $
*/
public class ErrorReportValve
@@ -159,13 +160,23 @@ public class ErrorReportValve
return;
String message = RequestUtil.filter(response.getMessage());
- if (message == null)
- message = "";
-
+ if (message == null) {
+ if (throwable != null) {
+ String exceptionMessage = throwable.getMessage();
+ if (exceptionMessage != null && exceptionMessage.length() > 0) {
+ message = RequestUtil.filter(
+ (new Scanner(exceptionMessage)).nextLine());
+ }
+ }
+ if (message == null) {
+ message = "";
+ }
+ }
+
// Do nothing if there is no report for the specified status code
String report = null;
try {
- report = sm.getString("http." + statusCode, message);
+ report = sm.getString("http." + statusCode);
} catch (Throwable t) {
;
}
diff --git a/java/org/apache/catalina/valves/LocalStrings.properties b/java/org/apache/catalina/valves/LocalStrings.properties
index bfd165e..11d5fc7 100644
--- a/java/org/apache/catalina/valves/LocalStrings.properties
+++ b/java/org/apache/catalina/valves/LocalStrings.properties
@@ -56,46 +56,68 @@ remoteIpValve.syntax=Invalid regular expressions [{0}] provided.
sslValve.invalidProvider=The SSL provider specified on the connector associated with this request of [{0}] is invalid. The certificate data could not be processed.
+#Stuck thread detection Valve
+stuckThreadDetectionValve.notifyStuckThreadDetected=Thread "{0}" (id={6}) has been active for {1} milliseconds (since {2}) to serve the same request for {4} and may be stuck (configured threshold for this StuckThreadDetectionValve is {5} seconds). There is/are {3} thread(s) in total that are monitored by this Valve and may be stuck.
+stuckThreadDetectionValve.notifyStuckThreadCompleted=Thread "{0}" (id={3}) was previously reported to be stuck but has completed. It was active for approximately {1} milliseconds.{2,choice,0#|0< There is/are still {2} thread(s) that are monitored by this Valve and may be stuck.}
+
# HTTP status reports
-http.100=The client may continue ({0}).
-http.101=The server is switching protocols according to the "Upgrade" header ({0}).
-http.201=The request succeeded and a new resource ({0}) has been created on the server.
-http.202=This request was accepted for processing, but has not been completed ({0}).
-http.203=The meta information presented by the client did not originate from the server ({0}).
-http.204=The request succeeded but there is no information to return ({0}).
-http.205=The client should reset the document view which caused this request to be sent ({0}).
-http.206=The server has fulfilled a partial GET request for this resource ({0}).
-http.207=Multiple status values have been returned ({0}).
-http.300=The requested resource ({0}) corresponds to any one of a set of representations, each with its own specific location.
-http.301=The requested resource ({0}) has moved permanently to a new location.
-http.302=The requested resource ({0}) has moved temporarily to a new location.
-http.303=The response to this request can be found under a different URI ({0}).
-http.304=The requested resource ({0}) is available and has not been modified.
-http.305=The requested resource ({0}) must be accessed through the proxy given by the "Location" header.
-http.400=The request sent by the client was syntactically incorrect ({0}).
-http.401=This request requires HTTP authentication ({0}).
-http.402=Payment is required for access to this resource ({0}).
-http.403=Access to the specified resource ({0}) has been forbidden.
-http.404=The requested resource ({0}) is not available.
-http.405=The specified HTTP method is not allowed for the requested resource ({0}).
-http.406=The resource identified by this request is only capable of generating responses with characteristics not acceptable according to the request "accept" headers ({0}).
-http.407=The client must first authenticate itself with the proxy ({0}).
-http.408=The client did not produce a request within the time that the server was prepared to wait ({0}).
-http.409=The request could not be completed due to a conflict with the current state of the resource ({0}).
-http.410=The requested resource ({0}) is no longer available, and no forwarding address is known.
-http.411=This request cannot be handled without a defined content length ({0}).
-http.412=A specified precondition has failed for this request ({0}).
+# All status codes registered with IANA can be found at
+# http://www.iana.org/assignments/http-status-codes/http-status-codes.xml
+# The list might be kept in sync with the one in
+# org/apache/tomcat/util/http/res/LocalStrings.properties.
+http.100=The client may continue.
+http.101=The server is switching protocols according to the "Upgrade" header.
+http.102=The server has accepted the complete request, but has not yet completed it.
+http.201=The request succeeded and a new resource has been created on the server.
+http.202=This request was accepted for processing, but has not been completed.
+http.203=The meta information presented by the client did not originate from the server.
+http.204=The request succeeded but there is no information to return.
+http.205=The client should reset the document view which caused this request to be sent.
+http.206=The server has fulfilled a partial GET request for this resource.
+http.207=Multiple status values have been returned.
+http.208=This collection binding was already reported.
+http.226=The response is a representation of the result of one or more instance-manipulations applied to the current instance.
+http.300=The requested resource corresponds to any one of a set of representations, each with its own specific location.
+http.301=The requested resource has moved permanently to a new location.
+http.302=The requested resource has moved temporarily to a new location.
+http.303=The response to this request can be found under a different URI.
+http.304=The requested resource is available and has not been modified.
+http.305=The requested resource must be accessed through the proxy given by the "Location" header.
+http.307=The requested resource resides temporarily under a different URI.
+http.308=The target resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs.
+http.400=The request sent by the client was syntactically incorrect.
+http.401=This request requires HTTP authentication.
+http.402=Payment is required for access to this resource.
+http.403=Access to the specified resource has been forbidden.
+http.404=The requested resource is not available.
+http.405=The specified HTTP method is not allowed for the requested resource.
+http.406=The resource identified by this request is only capable of generating responses with characteristics not acceptable according to the request "accept" headers.
+http.407=The client must first authenticate itself with the proxy.
+http.408=The client did not produce a request within the time that the server was prepared to wait.
+http.409=The request could not be completed due to a conflict with the current state of the resource.
+http.410=The requested resource is no longer available, and no forwarding address is known.
+http.411=This request cannot be handled without a defined content length.
+http.412=A specified precondition has failed for this request.
http.413=The request entity is larger than the server is willing or able to process.
-http.414=The server refused this request because the request URI was too long ({0}).
-http.415=The server refused this request because the request entity is in a format not supported by the requested resource for the requested method ({0}).
-http.416=The requested byte range cannot be satisfied ({0}).
-http.417=The expectation given in the "Expect" request header ({0}) could not be fulfilled.
-http.422=The server understood the content type and syntax of the request but was unable to process the contained instructions ({0}).
-http.423=The source or destination resource of a method is locked ({0}).
-http.500=The server encountered an internal error ({0}) that prevented it from fulfilling this request.
-http.501=The server does not support the functionality needed to fulfill this request ({0}).
-http.502=This server received an invalid response from a server it consulted when acting as a proxy or gateway ({0}).
-http.503=The requested service ({0}) is not currently available.
-http.504=The server received a timeout from an upstream server while acting as a gateway or proxy ({0}).
-http.505=The server does not support the requested HTTP protocol version ({0}).
-http.507=The resource does not have sufficient space to record the state of the resource after execution of this method ({0}).
+http.414=The server refused this request because the request URI was too long.
+http.415=The server refused this request because the request entity is in a format not supported by the requested resource for the requested method.
+http.416=The requested byte range cannot be satisfied.
+http.417=The expectation given in the "Expect" request header could not be fulfilled.
+http.422=The server understood the content type and syntax of the request but was unable to process the contained instructions.
+http.423=The source or destination resource of a method is locked.
+http.424=The method could not be performed on the resource because the requested action depended on another action and that action failed.
+http.426=The request can only be completed after a protocol upgrade.
+http.428=The request is required to be conditional.
+http.429=The user has sent too many requests in a given amount of time.
+http.431=The server refused this request because the request header fields are too large.
+http.500=The server encountered an internal error that prevented it from fulfilling this request.
+http.501=The server does not support the functionality needed to fulfill this request.
+http.502=This server received an invalid response from a server it consulted when acting as a proxy or gateway.
+http.503=The requested service is not currently available.
+http.504=The server received a timeout from an upstream server while acting as a gateway or proxy.
+http.505=The server does not support the requested HTTP protocol version.
+http.506=The chosen variant resource is configured to engage in transparent content negotiation itself, and is therefore not a proper end point in the negotiation process.
+http.507=The resource does not have sufficient space to record the state of the resource after execution of this method.
+http.508=The server terminated an operation because it encountered an infinite loop.
+http.510=The policy for accessing the resource has not been met in the request.
+http.511=The client needs to authenticate to gain network access.
\ No newline at end of file
diff --git a/java/org/apache/catalina/valves/LocalStrings_es.properties b/java/org/apache/catalina/valves/LocalStrings_es.properties
index 10b1670..354b0bf 100644
--- a/java/org/apache/catalina/valves/LocalStrings_es.properties
+++ b/java/org/apache/catalina/valves/LocalStrings_es.properties
@@ -39,45 +39,45 @@ errorReportValve.rootCause = causa ra\u00EDz
errorReportValve.note = nota
errorReportValve.rootCauseInLogs = La traza completa de la causa de este error se encuentra en los archivos de diario de {0}.
# HTTP status reports
-http.100 = El cliente puede continuar ({0}).
-http.101 = El servidor est\u00E1 conmutando protocolos con arreglo a la cabecera "Upgrade" ({0}).
-http.201 = El requerimiento tuvo \u00E9xito y un nuevo recurso ({0}) ha sido creado en el servidor.
-http.202 = Este requerimiento ha sido aceptado para ser procesado, pero no ha sido completado ({0}).
-http.203 = La informaci\u00F3n meta presentada por el cliente no se origin\u00F3 desde el servidor ({0}).
-http.204 = El requerimiento tuvo \u00E9xito pero no hay informaci\u00F3n que devolver ({0}).
-http.205 = El cliente no deber\u00EDa de limpiar la vista del documento que caus\u00F3 que este requerimiento fuera enviado ({0}).
-http.206 = El servidor ha rellenado paci\u00E1lmente un requerimiento GET para este recurso ({0}).
-http.207 = Se han devuelto valores m\u00FAltiples de estado ({0}).
-http.300 = El recurso requerido ({0}) corresponde a una cualquiera de un conjunto de representaciones, cada una con su propia localizaci\u00F3n espec\u00EDfica.
-http.301 = El recurso requerido ({0}) ha sido movido perman\u00E9ntemente a una nueva localizaci\u00F3n.
-http.302 = El recurso requerido ({0}) ha sido movido tempor\u00E1lmente a una nueva localizaci\u00F3n.
-http.303 = La respuesta a este requerimiento se puede hallar bajo una URI diferente ({0}).
-http.304 = El recurso requerido ({0}) est\u00E1 disponible y no ha sido modificado.
-http.305 = El recurso requerido ({0}) debe de ser accedido a trav\u00E9s del apoderado (proxy) dado mediante la cabecera "Location".
-http.400 = El requerimiento enviado por el cliente era sint\u00E1cticamente incorrecto ({0}).
-http.401 = Este requerimiento requiere autenticaci\u00F3n HTTP ({0}).
-http.402 = Se requiere pago para acceder a este recurso ({0}).
-http.403 = El acceso al recurso especificado ({0}) ha sido prohibido.
-http.404 = El recurso requerido ({0}) no est\u00E1 disponible.
-http.405 = El m\u00E9todo HTTP especificado no est\u00E1 permitido para el recurso requerido ({0}).
-http.406 = El recurso identificado por este requerimiento s\u00F3lo es capaz de generar respuestas con caracter\u00EDsticas no aceptables con arreglo a las cabeceras "accept" de requerimiento ({0}).
-http.407 = El cliente debe de ser primero autenticado en el apoderado ({0}).
-http.408 = El cliente no produjo un requerimiento dentro del tiempo en que el servidor estaba preparado esperando ({0}).
-http.409 = El requerimiento no pudo ser completado debido a un conflicto con el estado actual del recurso ({0}).
-http.410 = El recurso requerido ({0}) ya no est\u00E1 disponible y no se conoce direcci\u00F3n de reenv\u00EDo.
-http.411 = Este requerimiento no puede ser manejado sin un tama\u00F1o definido de contenido ({0}).
-http.412 = Una precondici\u00F3n especificada ha fallado para este requerimiento ({0}).
+http.100 = El cliente puede continuar.
+http.101 = El servidor est\u00E1 conmutando protocolos con arreglo a la cabecera "Upgrade".
+http.201 = El requerimiento tuvo \u00E9xito y un nuevo recurso ha sido creado en el servidor.
+http.202 = Este requerimiento ha sido aceptado para ser procesado, pero no ha sido completado.
+http.203 = La informaci\u00F3n meta presentada por el cliente no se origin\u00F3 desde el servidor.
+http.204 = El requerimiento tuvo \u00E9xito pero no hay informaci\u00F3n que devolver.
+http.205 = El cliente no deber\u00EDa de limpiar la vista del documento que caus\u00F3 que este requerimiento fuera enviado.
+http.206 = El servidor ha rellenado paci\u00E1lmente un requerimiento GET para este recurso.
+http.207 = Se han devuelto valores m\u00FAltiples de estado.
+http.300 = El recurso requerido corresponde a una cualquiera de un conjunto de representaciones, cada una con su propia localizaci\u00F3n espec\u00EDfica.
+http.301 = El recurso requerido ha sido movido perman\u00E9ntemente a una nueva localizaci\u00F3n.
+http.302 = El recurso requerido ha sido movido tempor\u00E1lmente a una nueva localizaci\u00F3n.
+http.303 = La respuesta a este requerimiento se puede hallar bajo una URI diferente.
+http.304 = El recurso requerido est\u00E1 disponible y no ha sido modificado.
+http.305 = El recurso requerido debe de ser accedido a trav\u00E9s del apoderado (proxy) dado mediante la cabecera "Location".
+http.400 = El requerimiento enviado por el cliente era sint\u00E1cticamente incorrecto.
+http.401 = Este requerimiento requiere autenticaci\u00F3n HTTP.
+http.402 = Se requiere pago para acceder a este recurso.
+http.403 = El acceso al recurso especificado ha sido prohibido.
+http.404 = El recurso requerido no est\u00E1 disponible.
+http.405 = El m\u00E9todo HTTP especificado no est\u00E1 permitido para el recurso requerido.
+http.406 = El recurso identificado por este requerimiento s\u00F3lo es capaz de generar respuestas con caracter\u00EDsticas no aceptables con arreglo a las cabeceras "accept" de requerimiento.
+http.407 = El cliente debe de ser primero autenticado en el apoderado.
+http.408 = El cliente no produjo un requerimiento dentro del tiempo en que el servidor estaba preparado esperando.
+http.409 = El requerimiento no pudo ser completado debido a un conflicto con el estado actual del recurso.
+http.410 = El recurso requerido ya no est\u00E1 disponible y no se conoce direcci\u00F3n de reenv\u00EDo.
+http.411 = Este requerimiento no puede ser manejado sin un tama\u00F1o definido de contenido.
+http.412 = Una precondici\u00F3n especificada ha fallado para este requerimiento.
http.413 = La entidad de requerimiento es mayor de lo que el servidor quiere o puede procesar.
-http.414 = El servidor rechaz\u00F3 este requerimiento porque la URI requerida era demasiado larga ({0}).
-http.415 = El servidor rechaz\u00F3 este requerimiento porque la entidad requerida se encuentra en un formato no soportado por el recurso requerido para el m\u00E9todo requerido ({0}).
-http.416 = El rango de byte requerido no puede ser satisfecho ({0}).
-http.417 = Lo que se espera dado por la cabecera "Expect" de requerimiento ({0}) no pudo ser completado.
-http.422 = El servidor entendi\u00F3 el tipo de contenido y la sint\u00E1xis del requerimiento pero no pudo procesar las instrucciones contenidas ({0}).
-http.423 = La fuente o recurso de destino de un m\u00E9todo est\u00E1 bloqueada ({0}).
-http.500 = El servidor encontr\u00F3 un error interno ({0}) que hizo que no pudiera rellenar este requerimiento.
-http.501 = El servidor no soporta la funcionalidad necesaria para rellenar este requerimiento ({0}).
-http.502 = Este servidor recibi\u00F3 una respuesta inv\u00E1lida desde un servidor que consult\u00F3 cuando actuaba como apoderado o pasarela ({0}).
-http.503 = El servicio requerido ({0}) no est\u00E1 disponible en este momento.
-http.504 = El servidor recibi\u00F3 un Tiempo Agotado desde un servidor superior cuando actuaba como pasarela o apoderado ({0}).
-http.505 = El servidor no soporta la versi\u00F3n de protocolo HTTP requerida ({0}).
-http.507 = El recurso no tiene espacio suficiente para registrar el estado del recurso tras la ejecuci\u00F3n de este m\u00E9todo ({0}).
+http.414 = El servidor rechaz\u00F3 este requerimiento porque la URI requerida era demasiado larga.
+http.415 = El servidor rechaz\u00F3 este requerimiento porque la entidad requerida se encuentra en un formato no soportado por el recurso requerido para el m\u00E9todo requerido.
+http.416 = El rango de byte requerido no puede ser satisfecho.
+http.417 = Lo que se espera dado por la cabecera "Expect" de requerimiento no pudo ser completado.
+http.422 = El servidor entendi\u00F3 el tipo de contenido y la sint\u00E1xis del requerimiento pero no pudo procesar las instrucciones contenidas.
+http.423 = La fuente o recurso de destino de un m\u00E9todo est\u00E1 bloqueada.
+http.500 = El servidor encontr\u00F3 un error interno que hizo que no pudiera rellenar este requerimiento.
+http.501 = El servidor no soporta la funcionalidad necesaria para rellenar este requerimiento.
+http.502 = Este servidor recibi\u00F3 una respuesta inv\u00E1lida desde un servidor que consult\u00F3 cuando actuaba como apoderado o pasarela.
+http.503 = El servicio requerido no est\u00E1 disponible en este momento.
+http.504 = El servidor recibi\u00F3 un Tiempo Agotado desde un servidor superior cuando actuaba como pasarela o apoderado.
+http.505 = El servidor no soporta la versi\u00F3n de protocolo HTTP requerida.
+http.507 = El recurso no tiene espacio suficiente para registrar el estado del recurso tras la ejecuci\u00F3n de este m\u00E9todo.
\ No newline at end of file
diff --git a/java/org/apache/catalina/valves/LocalStrings_fr.properties b/java/org/apache/catalina/valves/LocalStrings_fr.properties
index d3ba5c4..a9bc850 100644
--- a/java/org/apache/catalina/valves/LocalStrings_fr.properties
+++ b/java/org/apache/catalina/valves/LocalStrings_fr.properties
@@ -36,45 +36,45 @@ errorReportValve.note=note
errorReportValve.rootCauseInLogs=La trace compl\u00e8te de la cause m\u00e8re de cette erreur est disponible dans les fichiers journaux de {0}.
# HTTP status reports
-http.100=Le client peut continuer ({0}).
-http.101=Le serveur change de protocoles suivant la directive "Upgrade" de l''ent\u00eate ({0}).
-http.201=La requ\u00eate a r\u00e9ussi et une nouvelle ressource ({0}) a \u00e9t\u00e9 cr\u00e9\u00e9e sur le serveur.
-http.202=La requ\u00eate a \u00e9t\u00e9 accept\u00e9e pour traitement, mais n''a pas \u00e9t\u00e9 termin\u00e9e ({0}).
-http.203=L''information meta pr\u00e9sent\u00e9e par le client n''a pas pour origine ce serveur ({0}).
-http.204=La requ\u00eate a r\u00e9ussi mais il n''y a aucune information \u00e0 retourner ({0}).
-http.205=Le client doit remettre \u00e0 z\u00e9ro la vue de document qui a caus\u00e9 l''envoi de cette requ\u00eate ({0}).
-http.206=Le serveur a satisfait une requ\u00eate GET partielle pour cette ressource ({0}).
-http.207=Plusieurs valeurs d''\u00e9tats ont \u00e9t\u00e9 retourn\u00e9es ({0}).
-http.300=La ressource demand\u00e9e ({0}) correspond \u00e0 plusieurs repr\u00e9sentations, chacune avec sa propre localisation.
-http.301=La ressource demand\u00e9e ({0}) a \u00e9t\u00e9 d\u00e9plac\u00e9e de fa\u00e7on permanente vers une nouvelle localisation.
-http.302=La ressource demand\u00e9e ({0}) a \u00e9t\u00e9 d\u00e9plac\u00e9e de fa\u00e7on temporaire vers une nouvelle localisation.
-http.303=La r\u00e9ponse \u00e0 cette requ\u00eate peut \u00eatre trouv\u00e9e \u00e0 une URI diff\u00e9rente ({0}).
-http.304=La ressource demand\u00e9e ({0}) est disponible et n''a pas \u00e9t\u00e9 modifi\u00e9e.
-http.305=La ressource demand\u00e9e ({0}) doit \u00eatre acc\u00e9d\u00e9e au travers du relais indiqu\u00e9 par la directive "Location" de l''ent\u00eate.
-http.400=La requ\u00eate envoy\u00e9e par le client \u00e9tait syntaxiquement incorrecte ({0}).
-http.401=La requ\u00eate n\u00e9cessite une authentification HTTP ({0}).
-http.402=Un paiement est demand\u00e9 pour acc\u00e9der \u00e0 cette ressource ({0}).
-http.403=L''acc\u00e8s \u00e0 la ressource demand\u00e9e ({0}) a \u00e9t\u00e9 interdit.
-http.404=La ressource demand\u00e9e ({0}) n''est pas disponible.
-http.405=La m\u00e9thode HTTP sp\u00e9cifi\u00e9e n''est pas autoris\u00e9e pour la ressource demand\u00e9e ({0}).
-http.406=La ressource identifi\u00e9e par cette requ\u00eate n''est capable de g\u00e9n\u00e9rer des r\u00e9ponses qu''avec des caract\u00e9ristiques incompatible avec la directive "accept" pr\u00e9sente dans l''ent\u00eate de requ\u00eate ({0}).
-http.407=Le client doit d''abord s''authentifier aupr\u00e8s du relais ({0}).
-http.408=Le client n''a pas produit de requ\u00eate pendant le temps d''attente du serveur ({0}).
-http.409=La requ\u00eate ne peut \u00eatre finalis\u00e9e suite \u00e0 un conflit li\u00e9 \u00e0 l''\u00e9tat de la ressource ({0}).
-http.410=La ressource demand\u00e9e ({0}) n''est pas disponible, et aucune addresse de rebond (forwarding) n''est connue.
-http.411=La requ\u00eate ne peut \u00eatre trait\u00e9e sans d\u00e9finition d''une taille de contenu (content length) ({0}).
-http.412=Une condition pr\u00e9alable demand\u00e9e n''est pas satisfaite pour cette requ\u00eate ({0}).
+http.100=Le client peut continuer.
+http.101=Le serveur change de protocoles suivant la directive "Upgrade" de l''ent\u00eate.
+http.201=La requ\u00eate a r\u00e9ussi et une nouvelle ressource a \u00e9t\u00e9 cr\u00e9\u00e9e sur le serveur.
+http.202=La requ\u00eate a \u00e9t\u00e9 accept\u00e9e pour traitement, mais n''a pas \u00e9t\u00e9 termin\u00e9e.
+http.203=L''information meta pr\u00e9sent\u00e9e par le client n''a pas pour origine ce serveur.
+http.204=La requ\u00eate a r\u00e9ussi mais il n''y a aucune information \u00e0 retourner.
+http.205=Le client doit remettre \u00e0 z\u00e9ro la vue de document qui a caus\u00e9 l''envoi de cette requ\u00eate.
+http.206=Le serveur a satisfait une requ\u00eate GET partielle pour cette ressource.
+http.207=Plusieurs valeurs d''\u00e9tats ont \u00e9t\u00e9 retourn\u00e9es.
+http.300=La ressource demand\u00e9e correspond \u00e0 plusieurs repr\u00e9sentations, chacune avec sa propre localisation.
+http.301=La ressource demand\u00e9e a \u00e9t\u00e9 d\u00e9plac\u00e9e de fa\u00e7on permanente vers une nouvelle localisation.
+http.302=La ressource demand\u00e9e a \u00e9t\u00e9 d\u00e9plac\u00e9e de fa\u00e7on temporaire vers une nouvelle localisation.
+http.303=La r\u00e9ponse \u00e0 cette requ\u00eate peut \u00eatre trouv\u00e9e \u00e0 une URI diff\u00e9rente.
+http.304=La ressource demand\u00e9e est disponible et n''a pas \u00e9t\u00e9 modifi\u00e9e.
+http.305=La ressource demand\u00e9e doit \u00eatre acc\u00e9d\u00e9e au travers du relais indiqu\u00e9 par la directive "Location" de l''ent\u00eate.
+http.400=La requ\u00eate envoy\u00e9e par le client \u00e9tait syntaxiquement incorrecte.
+http.401=La requ\u00eate n\u00e9cessite une authentification HTTP.
+http.402=Un paiement est demand\u00e9 pour acc\u00e9der \u00e0 cette ressource.
+http.403=L''acc\u00e8s \u00e0 la ressource demand\u00e9e a \u00e9t\u00e9 interdit.
+http.404=La ressource demand\u00e9e n''est pas disponible.
+http.405=La m\u00e9thode HTTP sp\u00e9cifi\u00e9e n''est pas autoris\u00e9e pour la ressource demand\u00e9e.
+http.406=La ressource identifi\u00e9e par cette requ\u00eate n''est capable de g\u00e9n\u00e9rer des r\u00e9ponses qu''avec des caract\u00e9ristiques incompatible avec la directive "accept" pr\u00e9sente dans l''ent\u00eate de requ\u00eate.
+http.407=Le client doit d''abord s''authentifier aupr\u00e8s du relais.
+http.408=Le client n''a pas produit de requ\u00eate pendant le temps d''attente du serveur.
+http.409=La requ\u00eate ne peut \u00eatre finalis\u00e9e suite \u00e0 un conflit li\u00e9 \u00e0 l''\u00e9tat de la ressource.
+http.410=La ressource demand\u00e9e n''est pas disponible, et aucune addresse de rebond (forwarding) n''est connue.
+http.411=La requ\u00eate ne peut \u00eatre trait\u00e9e sans d\u00e9finition d''une taille de contenu (content length).
+http.412=Une condition pr\u00e9alable demand\u00e9e n''est pas satisfaite pour cette requ\u00eate.
http.413=L''entit\u00e9 de requ\u00eate est plus importante que ce que le serveur veut ou peut traiter.
-http.414=Le serveur a refus\u00e9 cette requ\u00eate car l''URI de requ\u00eate est trop longue ({0}).
-http.415=Le serveur a refus\u00e9 cette requ\u00eate car l''entit\u00e9 de requ\u00eate est dans un format non support\u00e9 par la ressource demand\u00e9e avec la m\u00e9thode sp\u00e9cifi\u00e9e ({0}).
-http.416=La plage d''octets demand\u00e9e (byte range) ne peut \u00eatre satisfaite ({0}).
-http.417=L''attente indiqu\u00e9e dans la directive "Expect" de l''ent\u00eate de requ\u00eate ({0}) ne peut \u00eatre satisfaite.
-http.422=Le serveur a compris le type de contenu (content type) ainsi que la syntaxe de la requ\u00eate mais a \u00e9t\u00e9 incapable de traiter les instructions contenues ({0}).
-http.423=La ressource source ou destination de la m\u00e9thode est verrouill\u00e9e ({0}).
-http.500=Le serveur a rencontr\u00e9 une erreur interne ({0}) qui l''a emp\u00each\u00e9 de satisfaire la requ\u00eate.
-http.501=Le serveur ne supporte pas la fonctionnalit\u00e9 demand\u00e9e pour satisfaire cette requ\u00eate ({0}).
-http.502=Le serveur a re\u00e7u une r\u00e9ponse invalide d''un serveur qu''il consultait en tant que relais ou passerelle ({0}).
-http.503=Le service demand\u00e9 ({0}) n''est pas disponible actuellement.
-http.504=Le serveur a re\u00e7u un d\u00e9passement de delai (timeout) d''un serveur amont qu''il consultait en tant que relais ou passerelle ({0}).
-http.505=Le serveur ne supporte pas la version demand\u00e9e du protocole HTTP ({0}).
-http.507=L''espace disponible est insuffisant pour enregistrer l''\u00e9tat de la ressource apr\u00e8s ex\u00e9cution de cette m\u00e9thode ({0}).
+http.414=Le serveur a refus\u00e9 cette requ\u00eate car l''URI de requ\u00eate est trop longue.
+http.415=Le serveur a refus\u00e9 cette requ\u00eate car l''entit\u00e9 de requ\u00eate est dans un format non support\u00e9 par la ressource demand\u00e9e avec la m\u00e9thode sp\u00e9cifi\u00e9e.
+http.416=La plage d''octets demand\u00e9e (byte range) ne peut \u00eatre satisfaite.
+http.417=L''attente indiqu\u00e9e dans la directive "Expect" de l''ent\u00eate de requ\u00eate ne peut \u00eatre satisfaite.
+http.422=Le serveur a compris le type de contenu (content type) ainsi que la syntaxe de la requ\u00eate mais a \u00e9t\u00e9 incapable de traiter les instructions contenues.
+http.423=La ressource source ou destination de la m\u00e9thode est verrouill\u00e9e.
+http.500=Le serveur a rencontr\u00e9 une erreur interne qui l''a emp\u00each\u00e9 de satisfaire la requ\u00eate.
+http.501=Le serveur ne supporte pas la fonctionnalit\u00e9 demand\u00e9e pour satisfaire cette requ\u00eate.
+http.502=Le serveur a re\u00e7u une r\u00e9ponse invalide d''un serveur qu''il consultait en tant que relais ou passerelle.
+http.503=Le service demand\u00e9 n''est pas disponible actuellement.
+http.504=Le serveur a re\u00e7u un d\u00e9passement de delai (timeout) d''un serveur amont qu''il consultait en tant que relais ou passerelle.
+http.505=Le serveur ne supporte pas la version demand\u00e9e du protocole HTTP.
+http.507=L''espace disponible est insuffisant pour enregistrer l''\u00e9tat de la ressource apr\u00e8s ex\u00e9cution de cette m\u00e9thode.
\ No newline at end of file
diff --git a/java/org/apache/catalina/valves/RequestFilterValve.java b/java/org/apache/catalina/valves/RequestFilterValve.java
index 530c14a..35d737f 100644
--- a/java/org/apache/catalina/valves/RequestFilterValve.java
+++ b/java/org/apache/catalina/valves/RequestFilterValve.java
@@ -66,7 +66,7 @@ import org.apache.catalina.util.StringManager;
* of the filtering you wish to perform.
*
* @author Craig R. McClanahan
- * @version $Id: RequestFilterValve.java 1200273 2011-11-10 11:27:10Z kkolinko $
+ * @version $Id: RequestFilterValve.java 1303194 2012-03-20 23:02:55Z kkolinko $
*/
public abstract class RequestFilterValve
@@ -133,6 +133,12 @@ public abstract class RequestFilterValve
protected volatile boolean denyValid = true;
/**
+ * The HTTP response status code that is used when rejecting denied
+ * request. It is 403 by default, but may be changed to be 404.
+ */
+ protected int denyStatus = HttpServletResponse.SC_FORBIDDEN;
+
+ /**
* The lifecycle event support for this component.
*/
protected LifecycleSupport lifecycle = new LifecycleSupport(this);
@@ -224,6 +230,22 @@ public abstract class RequestFilterValve
/**
+ * Return response status code that is used to reject denied request.
+ */
+ public int getDenyStatus() {
+ return denyStatus;
+ }
+
+
+ /**
+ * Set response status code that is used to reject denied request.
+ */
+ public void setDenyStatus(int denyStatus) {
+ this.denyStatus = denyStatus;
+ }
+
+
+ /**
* Return descriptive information about this Valve implementation.
*/
public String getInfo() {
@@ -318,8 +340,22 @@ public abstract class RequestFilterValve
}
// Deny this request
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ denyRequest(request, response);
+
+ }
+
+ /**
+ * Reject the request that was denied by this valve.
+ *
+ * @param request The servlet request to be processed
+ * @param response The servlet response to be processed
+ * @exception IOException if an input/output error occurs
+ * @exception ServletException if a servlet error occurs
+ */
+ protected void denyRequest(Request request, Response response)
+ throws IOException, ServletException {
+ response.sendError(denyStatus);
}
diff --git a/java/org/apache/catalina/valves/StuckThreadDetectionValve.java b/java/org/apache/catalina/valves/StuckThreadDetectionValve.java
new file mode 100644
index 0000000..b1717ec
--- /dev/null
+++ b/java/org/apache/catalina/valves/StuckThreadDetectionValve.java
@@ -0,0 +1,297 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.catalina.valves;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Queue;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentLinkedQueue;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import javax.servlet.ServletException;
+
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * This valve allows to detect requests that take a long time to process, which
+ * might indicate that the thread that is processing it is stuck.
+ */
+public class StuckThreadDetectionValve extends ValveBase {
+
+ /**
+ * Logger
+ */
+ private static final Log log = LogFactory.getLog(StuckThreadDetectionValve.class);
+
+ /**
+ * The string manager for this package.
+ */
+ private static final StringManager sm =
+ StringManager.getManager(Constants.Package);
+
+ /**
+ * Keeps count of the number of stuck threads detected
+ */
+ private final AtomicInteger stuckCount = new AtomicInteger(0);
+
+ /**
+ * In seconds. Default 600 (10 minutes).
+ */
+ private int threshold = 600;
+
+ /**
+ * The only references we keep to actual running Thread objects are in
+ * this Map (which is automatically cleaned in invoke()s finally clause).
+ * That way, Threads can be GC'ed, eventhough the Valve still thinks they
+ * are stuck (caused by a long monitor interval)
+ */
+ private final ConcurrentHashMap<Long, MonitoredThread> activeThreads =
+ new ConcurrentHashMap<Long, MonitoredThread>();
+ /**
+ *
+ */
+ private final Queue<CompletedStuckThread> completedStuckThreadsQueue =
+ new ConcurrentLinkedQueue<CompletedStuckThread>();
+
+ /**
+ * Specify the threshold (in seconds) used when checking for stuck threads.
+ * If <=0, the detection is disabled. The default is 600 seconds.
+ *
+ * @param threshold
+ * The new threshold in seconds
+ */
+ public void setThreshold(int threshold) {
+ this.threshold = threshold;
+ }
+
+ /**
+ * @see #setThreshold(int)
+ * @return The current threshold in seconds
+ */
+ public int getThreshold() {
+ return threshold;
+ }
+
+
+ private void notifyStuckThreadDetected(MonitoredThread monitoredThread,
+ long activeTime, int numStuckThreads) {
+ if (log.isWarnEnabled()) {
+ String msg = sm.getString(
+ "stuckThreadDetectionValve.notifyStuckThreadDetected",
+ monitoredThread.getThread().getName(),
+ Long.valueOf(activeTime),
+ monitoredThread.getStartTime(),
+ Integer.valueOf(numStuckThreads),
+ monitoredThread.getRequestUri(),
+ Integer.valueOf(threshold),
+ String.valueOf(monitoredThread.getThread().getId())
+ );
+ // msg += "\n" + getStackTraceAsString(trace);
+ Throwable th = new Throwable();
+ th.setStackTrace(monitoredThread.getThread().getStackTrace());
+ log.warn(msg, th);
+ }
+ }
+
+ private void notifyStuckThreadCompleted(CompletedStuckThread thread,
+ int numStuckThreads) {
+ if (log.isWarnEnabled()) {
+ String msg = sm.getString(
+ "stuckThreadDetectionValve.notifyStuckThreadCompleted",
+ thread.getName(),
+ Long.valueOf(thread.getTotalActiveTime()),
+ Integer.valueOf(numStuckThreads),
+ String.valueOf(thread.getId()));
+ // Since the "stuck thread notification" is warn, this should also
+ // be warn
+ log.warn(msg);
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void invoke(Request request, Response response)
+ throws IOException, ServletException {
+
+ if (threshold <= 0) {
+ // short-circuit if not monitoring stuck threads
+ getNext().invoke(request, response);
+ return;
+ }
+
+ // Save the thread/runnable
+ // Keeping a reference to the thread object here does not prevent
+ // GC'ing, as the reference is removed from the Map in the finally clause
+
+ Long key = Long.valueOf(Thread.currentThread().getId());
+ StringBuffer requestUrl = request.getRequestURL();
+ if(request.getQueryString()!=null) {
+ requestUrl.append("?");
+ requestUrl.append(request.getQueryString());
+ }
+ MonitoredThread monitoredThread = new MonitoredThread(Thread.currentThread(),
+ requestUrl.toString());
+ activeThreads.put(key, monitoredThread);
+
+ try {
+ getNext().invoke(request, response);
+ } finally {
+ activeThreads.remove(key);
+ if (monitoredThread.markAsDone() == MonitoredThreadState.STUCK) {
+ completedStuckThreadsQueue.add(
+ new CompletedStuckThread(monitoredThread.getThread(),
+ monitoredThread.getActiveTimeInMillis()));
+ }
+ }
+ }
+
+ @Override
+ public void backgroundProcess() {
+ super.backgroundProcess();
+
+ long thresholdInMillis = threshold * 1000;
+
+ // Check monitored threads, being careful that the request might have
+ // completed by the time we examine it
+ for (MonitoredThread monitoredThread : activeThreads.values()) {
+ long activeTime = monitoredThread.getActiveTimeInMillis();
+
+ if (activeTime >= thresholdInMillis && monitoredThread.markAsStuckIfStillRunning()) {
+ int numStuckThreads = stuckCount.incrementAndGet();
+ notifyStuckThreadDetected(monitoredThread, activeTime, numStuckThreads);
+ }
+ }
+ // Check if any threads previously reported as stuck, have finished.
+ for (CompletedStuckThread completedStuckThread = completedStuckThreadsQueue.poll();
+ completedStuckThread != null; completedStuckThread = completedStuckThreadsQueue.poll()) {
+
+ int numStuckThreads = stuckCount.decrementAndGet();
+ notifyStuckThreadCompleted(completedStuckThread, numStuckThreads);
+ }
+ }
+
+ public long[] getStuckThreadIds() {
+ List<Long> idList = new ArrayList<Long>();
+ for (MonitoredThread monitoredThread : activeThreads.values()) {
+ if (monitoredThread.isMarkedAsStuck()) {
+ idList.add(Long.valueOf(monitoredThread.getThread().getId()));
+ }
+ }
+
+ long[] result = new long[idList.size()];
+ for (int i = 0; i < result.length; i++) {
+ result[i] = idList.get(i).longValue();
+ }
+ return result;
+ }
+
+ public String[] getStuckThreadNames() {
+ List<String> nameList = new ArrayList<String>();
+ for (MonitoredThread monitoredThread : activeThreads.values()) {
+ if (monitoredThread.isMarkedAsStuck()) {
+ nameList.add(monitoredThread.getThread().getName());
+ }
+ }
+ return nameList.toArray(new String[nameList.size()]);
+ }
+
+ private static class MonitoredThread {
+
+ /**
+ * Reference to the thread to get a stack trace from background task
+ */
+ private final Thread thread;
+ private final String requestUri;
+ private final long start;
+ private final AtomicInteger state = new AtomicInteger(
+ MonitoredThreadState.RUNNING.ordinal());
+
+ public MonitoredThread(Thread thread, String requestUri) {
+ this.thread = thread;
+ this.requestUri = requestUri;
+ this.start = System.currentTimeMillis();
+ }
+
+ public Thread getThread() {
+ return this.thread;
+ }
+
+ public String getRequestUri() {
+ return requestUri;
+ }
+
+ public long getActiveTimeInMillis() {
+ return System.currentTimeMillis() - start;
+ }
+
+ public Date getStartTime() {
+ return new Date(start);
+ }
+
+ public boolean markAsStuckIfStillRunning() {
+ return this.state.compareAndSet(MonitoredThreadState.RUNNING.ordinal(),
+ MonitoredThreadState.STUCK.ordinal());
+ }
+
+ public MonitoredThreadState markAsDone() {
+ int val = this.state.getAndSet(MonitoredThreadState.DONE.ordinal());
+ return MonitoredThreadState.values()[val];
+ }
+
+ boolean isMarkedAsStuck() {
+ return this.state.get() == MonitoredThreadState.STUCK.ordinal();
+ }
+ }
+
+ private static class CompletedStuckThread {
+
+ private final String threadName;
+ private final long threadId;
+ private final long totalActiveTime;
+
+ public CompletedStuckThread(Thread thread, long totalActiveTime) {
+ this.threadName = thread.getName();
+ this.threadId = thread.getId();
+ this.totalActiveTime = totalActiveTime;
+ }
+
+ public String getName() {
+ return this.threadName;
+ }
+
+ public long getId() {
+ return this.threadId;
+ }
+
+ public long getTotalActiveTime() {
+ return this.totalActiveTime;
+ }
+ }
+
+ private enum MonitoredThreadState {
+ RUNNING, STUCK, DONE;
+ }
+}
diff --git a/java/org/apache/catalina/valves/mbeans-descriptors.xml b/java/org/apache/catalina/valves/mbeans-descriptors.xml
index 76c683f..ab2dacc 100644
--- a/java/org/apache/catalina/valves/mbeans-descriptors.xml
+++ b/java/org/apache/catalina/valves/mbeans-descriptors.xml
@@ -306,6 +306,10 @@
description="The comma-delimited set of deny expressions"
type="java.lang.String"/>
+ <attribute name="denyStatus"
+ description="HTTP response status code that is used when rejecting denied request"
+ type="int"/>
+
<attribute name="denyValid"
description="Becomes false if assigned value of deny expression is not syntactically correct"
is="true"
@@ -353,6 +357,10 @@
description="The comma-delimited set of deny expressions"
type="java.lang.String"/>
+ <attribute name="denyStatus"
+ description="HTTP response status code that is used when rejecting denied request"
+ type="int"/>
+
<attribute name="denyValid"
description="Becomes false if assigned value of deny expression is not syntactically correct"
is="true"
@@ -451,4 +459,31 @@
writeable="false" />
</mbean>
+
+ <mbean name="StuckThreadDetectionValve"
+ description="Detect long requests for which their thread might be stuck"
+ domain="Catalina"
+ group="Valve"
+ type="org.apache.catalina.valves.StuckThreadDetectionValve">
+
+ <attribute name="className"
+ description="Fully qualified class name of the managed object"
+ type="java.lang.String"
+ writeable="false"/>
+
+ <attribute name="stuckThreadIds"
+ description="IDs of the threads currently considered stuck. Each ID can then be used with the Threading MBean to retrieve data about it."
+ type="long[]"
+ writeable="false"/>
+
+ <attribute name="stuckThreadNames"
+ description="Names of the threads currently considered stuck."
+ type="java.lang.String[]"
+ writeable="false"/>
+
+ <attribute name="threshold"
+ description="Duration in seconds after which a request is considered as stuck"
+ type="int"/>
+
+ </mbean>
</mbeans-descriptors>
diff --git a/java/org/apache/coyote/Processor.java b/java/org/apache/coyote/AbstractProtocol.java
similarity index 68%
copy from java/org/apache/coyote/Processor.java
copy to java/org/apache/coyote/AbstractProtocol.java
index 9258f57..382a567 100644
--- a/java/org/apache/coyote/Processor.java
+++ b/java/org/apache/coyote/AbstractProtocol.java
@@ -14,32 +14,18 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
package org.apache.coyote;
-import java.io.InputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-
-/**
- * Processor.
- *
- * Not really used, should be deprecated.
- *
- * @author Remy Maucherat
- */
-public interface Processor {
-
-
- public void setAdapter(Adapter adapter);
-
-
- public Adapter getAdapter();
-
+import org.apache.tomcat.util.net.AbstractEndpoint;
- public void process(InputStream input, OutputStream output)
- throws IOException;
+public abstract class AbstractProtocol implements ProtocolHandler {
+ protected abstract AbstractEndpoint getEndpoint();
+ public int getMaxHeaderCount() {
+ return getEndpoint().getMaxHeaderCount();
+ }
+ public void setMaxHeaderCount(int maxHeaderCount) {
+ getEndpoint().setMaxHeaderCount(maxHeaderCount);
+ }
}
diff --git a/java/org/apache/coyote/ajp/AjpAprProcessor.java b/java/org/apache/coyote/ajp/AjpAprProcessor.java
index 14b6e40..ae9f936 100644
--- a/java/org/apache/coyote/ajp/AjpAprProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpAprProcessor.java
@@ -110,7 +110,7 @@ public class AjpAprProcessor implements ActionHook {
outputBuffer = ByteBuffer.allocateDirect(packetSize * 2);
// Cause loading of HexUtils
- int foo = HexUtils.DEC[0];
+ HexUtils.getDec('0');
// Cause loading of HttpMessages
HttpMessages.getMessage(200);
@@ -631,7 +631,7 @@ public class AjpAprProcessor implements ActionHook {
first = false;
empty = false;
replay = true;
-
+ endOfStream = false;
}
@@ -692,6 +692,9 @@ public class AjpAprProcessor implements ActionHook {
// Decode headers
MimeHeaders headers = request.getMimeHeaders();
+ // Set this every time in case limit has been changed via JMX
+ headers.setLimit(endpoint.getMaxHeaderCount());
+
int hCount = requestHeaderMessage.getInt();
for(int i = 0 ; i < hCount ; i++) {
String hName = null;
@@ -953,7 +956,7 @@ public class AjpAprProcessor implements ActionHook {
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
error = true;
@@ -1258,6 +1261,9 @@ public class AjpAprProcessor implements ActionHook {
throws IOException {
if (outputBuffer.position() > 0) {
if ((socket != 0) && Socket.sendbb(socket, 0, outputBuffer.position()) < 0) {
+ // There are no re-tries so clear the buffer to prevent a
+ // possible overflow if the buffer is used again. BZ53119.
+ outputBuffer.clear();
throw new IOException(sm.getString("ajpprocessor.failedsend"));
}
outputBuffer.clear();
diff --git a/java/org/apache/coyote/ajp/AjpAprProtocol.java b/java/org/apache/coyote/ajp/AjpAprProtocol.java
index f01b61f..4cecb66 100644
--- a/java/org/apache/coyote/ajp/AjpAprProtocol.java
+++ b/java/org/apache/coyote/ajp/AjpAprProtocol.java
@@ -30,13 +30,14 @@ import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
import javax.management.ObjectName;
+import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ActionHook;
import org.apache.coyote.Adapter;
-import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.RequestInfo;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.AprEndpoint;
import org.apache.tomcat.util.net.SocketStatus;
import org.apache.tomcat.util.net.AprEndpoint.Handler;
@@ -51,8 +52,8 @@ import org.apache.tomcat.util.res.StringManager;
* @author Remy Maucherat
* @author Costin Manolache
*/
-public class AjpAprProtocol
- implements ProtocolHandler, MBeanRegistration {
+public class AjpAprProtocol extends AbstractProtocol
+ implements MBeanRegistration {
protected static org.apache.juli.logging.Log log =
@@ -91,6 +92,9 @@ public class AjpAprProtocol
*/
protected AprEndpoint endpoint = new AprEndpoint();
+ protected final AbstractEndpoint getEndpoint() {
+ return endpoint;
+ }
/**
* Configuration attributes.
diff --git a/java/org/apache/coyote/ajp/AjpProcessor.java b/java/org/apache/coyote/ajp/AjpProcessor.java
index d27c020..67bd664 100644
--- a/java/org/apache/coyote/ajp/AjpProcessor.java
+++ b/java/org/apache/coyote/ajp/AjpProcessor.java
@@ -104,7 +104,7 @@ public class AjpProcessor implements ActionHook {
0, getBodyMessage.getLen());
// Cause loading of HexUtils
- int foo = HexUtils.DEC[0];
+ HexUtils.getDec('0');
// Cause loading of HttpMessages
HttpMessages.getMessage(200);
@@ -636,7 +636,7 @@ public class AjpProcessor implements ActionHook {
first = false;
empty = false;
replay = true;
-
+ endOfStream = false;
}
@@ -697,6 +697,9 @@ public class AjpProcessor implements ActionHook {
// Decode headers
MimeHeaders headers = request.getMimeHeaders();
+ // Set this every time in case limit has been changed via JMX
+ headers.setLimit(endpoint.getMaxHeaderCount());
+
int hCount = requestHeaderMessage.getInt();
for(int i = 0 ; i < hCount ; i++) {
String hName = null;
@@ -958,7 +961,7 @@ public class AjpProcessor implements ActionHook {
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
error = true;
diff --git a/java/org/apache/coyote/ajp/AjpProtocol.java b/java/org/apache/coyote/ajp/AjpProtocol.java
index 11d810b..fa6ddd6 100644
--- a/java/org/apache/coyote/ajp/AjpProtocol.java
+++ b/java/org/apache/coyote/ajp/AjpProtocol.java
@@ -31,13 +31,14 @@ import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
import javax.management.ObjectName;
+import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ActionHook;
import org.apache.coyote.Adapter;
-import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.RequestInfo;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.JIoEndpoint;
import org.apache.tomcat.util.net.JIoEndpoint.Handler;
import org.apache.tomcat.util.res.StringManager;
@@ -51,8 +52,8 @@ import org.apache.tomcat.util.res.StringManager;
* @author Remy Maucherat
* @author Costin Manolache
*/
-public class AjpProtocol
- implements ProtocolHandler, MBeanRegistration {
+public class AjpProtocol extends AbstractProtocol
+ implements MBeanRegistration {
protected static org.apache.juli.logging.Log log =
@@ -91,6 +92,9 @@ public class AjpProtocol
*/
protected JIoEndpoint endpoint = new JIoEndpoint();
+ protected final AbstractEndpoint getEndpoint() {
+ return endpoint;
+ }
/**
* Configuration attributes.
diff --git a/java/org/apache/coyote/http11/Http11AprProcessor.java b/java/org/apache/coyote/http11/Http11AprProcessor.java
index b21e8aa..0137d6e 100644
--- a/java/org/apache/coyote/http11/Http11AprProcessor.java
+++ b/java/org/apache/coyote/http11/Http11AprProcessor.java
@@ -107,7 +107,7 @@ public class Http11AprProcessor implements ActionHook {
initializeFilters();
// Cause loading of HexUtils
- int foo = HexUtils.DEC[0];
+ HexUtils.getDec('0');
}
@@ -837,6 +837,8 @@ public class Http11AprProcessor implements ActionHook {
if (!disableUploadTimeout) {
Socket.timeoutSet(socket, timeout * 1000);
}
+ // Set this every time in case limit has been changed via JMX
+ request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount());
inputBuffer.parseHeaders();
} catch (IOException e) {
error = true;
@@ -1533,7 +1535,7 @@ public class Http11AprProcessor implements ActionHook {
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
error = true;
diff --git a/java/org/apache/coyote/http11/Http11AprProtocol.java b/java/org/apache/coyote/http11/Http11AprProtocol.java
index 614391e..ef1ec29 100644
--- a/java/org/apache/coyote/http11/Http11AprProtocol.java
+++ b/java/org/apache/coyote/http11/Http11AprProtocol.java
@@ -31,13 +31,14 @@ import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
import javax.management.ObjectName;
+import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ActionHook;
import org.apache.coyote.Adapter;
-import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.RequestInfo;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.AprEndpoint;
import org.apache.tomcat.util.net.SocketStatus;
import org.apache.tomcat.util.net.AprEndpoint.Handler;
@@ -52,7 +53,8 @@ import org.apache.tomcat.util.res.StringManager;
* @author Remy Maucherat
* @author Costin Manolache
*/
-public class Http11AprProtocol implements ProtocolHandler, MBeanRegistration {
+public class Http11AprProtocol extends AbstractProtocol
+ implements MBeanRegistration {
protected static org.apache.juli.logging.Log log =
org.apache.juli.logging.LogFactory.getLog(Http11AprProtocol.class);
@@ -188,6 +190,10 @@ public class Http11AprProtocol implements ProtocolHandler, MBeanRegistration {
protected AprEndpoint endpoint=new AprEndpoint();
+ protected final AbstractEndpoint getEndpoint() {
+ return endpoint;
+ }
+
protected HashMap<String, Object> attributes = new HashMap<String, Object>();
private Http11ConnectionHandler cHandler = new Http11ConnectionHandler(this);
diff --git a/java/org/apache/coyote/http11/Http11NioProcessor.java b/java/org/apache/coyote/http11/Http11NioProcessor.java
index 75eef83..dc9520d 100644
--- a/java/org/apache/coyote/http11/Http11NioProcessor.java
+++ b/java/org/apache/coyote/http11/Http11NioProcessor.java
@@ -111,7 +111,7 @@ public class Http11NioProcessor implements ActionHook {
initializeFilters();
// Cause loading of HexUtils
- int foo = HexUtils.DEC[0];
+ HexUtils.getDec('0');
}
@@ -836,6 +836,8 @@ public class Http11NioProcessor implements ActionHook {
break;
}
keptAlive = true;
+ // Set this every time in case limit has been changed via JMX
+ request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount());
if ( !inputBuffer.parseHeaders() ) {
//we've read part of the request, don't recycle it
//instead associate it with the socket
@@ -1529,7 +1531,7 @@ public class Http11NioProcessor implements ActionHook {
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
error = true;
diff --git a/java/org/apache/coyote/http11/Http11NioProtocol.java b/java/org/apache/coyote/http11/Http11NioProtocol.java
index 6c7f190..bc2aaa5 100644
--- a/java/org/apache/coyote/http11/Http11NioProtocol.java
+++ b/java/org/apache/coyote/http11/Http11NioProtocol.java
@@ -29,13 +29,14 @@ import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
import javax.management.ObjectName;
+import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ActionHook;
import org.apache.coyote.Adapter;
-import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.RequestInfo;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.NioChannel;
import org.apache.tomcat.util.net.NioEndpoint;
import org.apache.tomcat.util.net.NioEndpoint.Handler;
@@ -54,7 +55,7 @@ import org.apache.tomcat.util.res.StringManager;
* @author Costin Manolache
* @author Filip Hanik
*/
-public class Http11NioProtocol implements ProtocolHandler, MBeanRegistration
+public class Http11NioProtocol extends AbstractProtocol implements MBeanRegistration
{
protected JSSEImplementation sslImplementation = null;
@@ -207,6 +208,11 @@ public class Http11NioProtocol implements ProtocolHandler, MBeanRegistration
// -------------------- Properties--------------------
protected NioEndpoint ep=new NioEndpoint();
+
+ protected final AbstractEndpoint getEndpoint() {
+ return ep;
+ }
+
protected boolean secure = false;
protected Hashtable attributes = new Hashtable();
diff --git a/java/org/apache/coyote/http11/Http11Processor.java b/java/org/apache/coyote/http11/Http11Processor.java
index fc6c060..be68b3b 100644
--- a/java/org/apache/coyote/http11/Http11Processor.java
+++ b/java/org/apache/coyote/http11/Http11Processor.java
@@ -101,7 +101,7 @@ public class Http11Processor implements ActionHook {
initializeFilters();
// Cause loading of HexUtils
- int foo = HexUtils.DEC[0];
+ HexUtils.getDec('0');
}
@@ -819,6 +819,8 @@ public class Http11Processor implements ActionHook {
} else {
socket.setSoTimeout(timeout);
}
+ // Set this every time in case limit has been changed via JMX
+ request.getMimeHeaders().setLimit(endpoint.getMaxHeaderCount());
inputBuffer.parseHeaders();
} catch (IOException e) {
error = true;
@@ -1411,7 +1413,7 @@ public class Http11Processor implements ActionHook {
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
error = true;
diff --git a/java/org/apache/coyote/http11/Http11Protocol.java b/java/org/apache/coyote/http11/Http11Protocol.java
index aba4a22..0afe5e7 100644
--- a/java/org/apache/coyote/http11/Http11Protocol.java
+++ b/java/org/apache/coyote/http11/Http11Protocol.java
@@ -31,13 +31,14 @@ import javax.management.MBeanRegistration;
import javax.management.MBeanServer;
import javax.management.ObjectName;
+import org.apache.coyote.AbstractProtocol;
import org.apache.coyote.ActionCode;
import org.apache.coyote.ActionHook;
import org.apache.coyote.Adapter;
-import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.RequestGroupInfo;
import org.apache.coyote.RequestInfo;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.JIoEndpoint;
import org.apache.tomcat.util.net.SSLImplementation;
import org.apache.tomcat.util.net.ServerSocketFactory;
@@ -53,8 +54,8 @@ import org.apache.tomcat.util.res.StringManager;
* @author Remy Maucherat
* @author Costin Manolache
*/
-public class Http11Protocol
- implements ProtocolHandler, MBeanRegistration {
+public class Http11Protocol extends AbstractProtocol
+ implements MBeanRegistration {
protected static org.apache.juli.logging.Log log
@@ -84,6 +85,9 @@ public class Http11Protocol
protected Http11ConnectionHandler cHandler = new Http11ConnectionHandler(this);
protected JIoEndpoint endpoint = new JIoEndpoint();
+ protected final AbstractEndpoint getEndpoint() {
+ return endpoint;
+ }
// *
protected ObjectName tpOname = null;
diff --git a/java/org/apache/coyote/http11/InternalNioInputBuffer.java b/java/org/apache/coyote/http11/InternalNioInputBuffer.java
index f8d159e..600a695 100644
--- a/java/org/apache/coyote/http11/InternalNioInputBuffer.java
+++ b/java/org/apache/coyote/http11/InternalNioInputBuffer.java
@@ -673,10 +673,6 @@ public class InternalNioInputBuffer implements InputBuffer {
do {
status = parseHeader();
- } while ( status == HeaderParseStatus.HAVE_MORE_HEADERS );
- if (status == HeaderParseStatus.DONE) {
- parsingHeader = false;
- end = pos;
// Checking that
// (1) Headers plus request line size does not exceed its limit
// (2) There are enough bytes to avoid expanding the buffer when
@@ -685,11 +681,15 @@ public class InternalNioInputBuffer implements InputBuffer {
// limitation to enforce the meaning of headerBufferSize
// From the way how buf is allocated and how blank lines are being
// read, it should be enough to check (1) only.
- if (end - skipBlankLinesBytes > headerBufferSize
- || buf.length - end < socketReadBufferSize) {
+ if (pos - skipBlankLinesBytes > headerBufferSize
+ || buf.length - pos < socketReadBufferSize) {
throw new IllegalArgumentException(
sm.getString("iib.requestheadertoolarge.error"));
}
+ } while ( status == HeaderParseStatus.HAVE_MORE_HEADERS );
+ if (status == HeaderParseStatus.DONE) {
+ parsingHeader = false;
+ end = pos;
return true;
} else {
return false;
diff --git a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
index 07c737d..eabf33d 100644
--- a/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
+++ b/java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
@@ -243,6 +243,7 @@ public class ChunkedInputFilter implements InputFilter {
pos = 0;
lastValid = 0;
endChunk = false;
+ needCRLFParse = false;
trailingHeaders.recycle();
}
@@ -306,10 +307,11 @@ public class ChunkedInputFilter implements InputFilter {
trailer = true;
} else if (!trailer) {
//don't read data after the trailer
- if (HexUtils.DEC[buf[pos]] != -1) {
+ int charValue = HexUtils.getDec(buf[pos]);
+ if (charValue != -1) {
readDigit = true;
result *= 16;
- result += HexUtils.DEC[buf[pos]];
+ result += charValue;
} else {
//we shouldn't allow invalid, non hex characters
//in the chunked header
diff --git a/java/org/apache/coyote/http11/filters/FlushableGZIPOutputStream.java b/java/org/apache/coyote/http11/filters/FlushableGZIPOutputStream.java
index 4e683ed..e8feef6 100644
--- a/java/org/apache/coyote/http11/filters/FlushableGZIPOutputStream.java
+++ b/java/org/apache/coyote/http11/filters/FlushableGZIPOutputStream.java
@@ -42,6 +42,12 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
private byte[] lastByte = new byte[1];
private boolean hasLastByte = false;
+ /**
+ * Flag that compression has to be re-enabled before the next write
+ * operation.
+ */
+ private boolean flagReenableCompression = false;
+
@Override
public void write(byte[] bytes) throws IOException {
write(bytes, 0, bytes.length);
@@ -53,6 +59,7 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
if (length > 0) {
flushLastByte();
if (length > 1) {
+ reenableCompression();
super.write(bytes, offset, length - 1);
}
rememberLastByte(bytes[offset + length - 1]);
@@ -89,6 +96,13 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
super.close();
}
+ private void reenableCompression() {
+ if (flagReenableCompression && !def.finished()) {
+ flagReenableCompression = false;
+ def.setLevel(Deflater.DEFAULT_COMPRESSION);
+ }
+ }
+
private void rememberLastByte(byte b) {
lastByte[0] = b;
hasLastByte = true;
@@ -96,6 +110,7 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
private void flushLastByte() throws IOException {
if (hasLastByte) {
+ reenableCompression();
// Clear the flag first, because write() may fail
hasLastByte = false;
super.write(lastByte, 0, 1);
@@ -118,7 +133,7 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
if (!def.finished()) {
def.setLevel(Deflater.NO_COMPRESSION);
flushLastByte();
- def.setLevel(Deflater.DEFAULT_COMPRESSION);
+ flagReenableCompression = true;
}
}
out.flush();
@@ -139,5 +154,4 @@ public class FlushableGZIPOutputStream extends GZIPOutputStream {
}
} while (len != 0);
}
-
}
diff --git a/java/org/apache/el/lang/ELSupport.java b/java/org/apache/el/lang/ELSupport.java
index 0c598ed..67e51e9 100644
--- a/java/org/apache/el/lang/ELSupport.java
+++ b/java/org/apache/el/lang/ELSupport.java
@@ -32,7 +32,7 @@ import org.apache.el.util.MessageFactory;
* A helper class that implements the EL Specification
*
* @author Jacob Hookom [jacob at hookom.net]
- * @version $Id: ELSupport.java 939519 2010-04-30 00:12:23Z kkolinko $
+ * @version $Id: ELSupport.java 1245686 2012-02-17 18:06:00Z markt $
*/
public class ELSupport {
@@ -104,35 +104,31 @@ public class ELSupport {
return true;
} else if (obj0 == null || obj1 == null) {
return false;
- } else if (obj0 instanceof Boolean || obj1 instanceof Boolean) {
- return coerceToBoolean(obj0).equals(coerceToBoolean(obj1));
- } else if (obj0.getClass().isEnum()) {
- return obj0.equals(coerceToEnum(obj1, obj0.getClass()));
- } else if (obj1.getClass().isEnum()) {
- return obj1.equals(coerceToEnum(obj0, obj1.getClass()));
- } else if (obj0 instanceof String || obj1 instanceof String) {
- int lexCompare = coerceToString(obj0).compareTo(coerceToString(obj1));
- return (lexCompare == 0) ? true : false;
- }
- if (isBigDecimalOp(obj0, obj1)) {
+ } else if (isBigDecimalOp(obj0, obj1)) {
BigDecimal bd0 = (BigDecimal) coerceToNumber(obj0, BigDecimal.class);
BigDecimal bd1 = (BigDecimal) coerceToNumber(obj1, BigDecimal.class);
return bd0.equals(bd1);
- }
- if (isDoubleOp(obj0, obj1)) {
+ } else if (isDoubleOp(obj0, obj1)) {
Double d0 = (Double) coerceToNumber(obj0, Double.class);
Double d1 = (Double) coerceToNumber(obj1, Double.class);
return d0.equals(d1);
- }
- if (isBigIntegerOp(obj0, obj1)) {
+ } else if (isBigIntegerOp(obj0, obj1)) {
BigInteger bi0 = (BigInteger) coerceToNumber(obj0, BigInteger.class);
BigInteger bi1 = (BigInteger) coerceToNumber(obj1, BigInteger.class);
return bi0.equals(bi1);
- }
- if (isLongOp(obj0, obj1)) {
+ } else if (isLongOp(obj0, obj1)) {
Long l0 = (Long) coerceToNumber(obj0, Long.class);
Long l1 = (Long) coerceToNumber(obj1, Long.class);
return l0.equals(l1);
+ } else if (obj0 instanceof Boolean || obj1 instanceof Boolean) {
+ return coerceToBoolean(obj0).equals(coerceToBoolean(obj1));
+ } else if (obj0.getClass().isEnum()) {
+ return obj0.equals(coerceToEnum(obj1, obj0.getClass()));
+ } else if (obj1.getClass().isEnum()) {
+ return obj1.equals(coerceToEnum(obj0, obj1.getClass()));
+ } else if (obj0 instanceof String || obj1 instanceof String) {
+ int lexCompare = coerceToString(obj0).compareTo(coerceToString(obj1));
+ return (lexCompare == 0) ? true : false;
} else {
return obj0.equals(obj1);
}
diff --git a/java/org/apache/jasper/JspC.java b/java/org/apache/jasper/JspC.java
index 1f9e2b0..bbadf4a 100644
--- a/java/org/apache/jasper/JspC.java
+++ b/java/org/apache/jasper/JspC.java
@@ -53,7 +53,8 @@ import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tools.ant.AntClassLoader;
-import org.apache.tools.ant.Project;
+import org.apache.tools.ant.BuildException;
+import org.apache.tools.ant.Task;
import org.apache.tools.ant.util.FileUtils;
/**
@@ -88,7 +89,7 @@ import org.apache.tools.ant.util.FileUtils;
* @author Costin Manolache
* @author Yoav Shapira
*/
-public class JspC implements Options {
+public class JspC extends Task implements Options {
public static final String DEFAULT_IE_CLASS_ID =
"clsid:8AD9C840-044E-11D1-B3E9-00805F499D93";
@@ -151,7 +152,6 @@ public class JspC implements Options {
protected String targetClassName;
protected String uriBase;
protected String uriRoot;
- protected Project project;
protected int dieLevel;
protected boolean helpNeeded = false;
protected boolean compile = false;
@@ -236,8 +236,8 @@ public class JspC implements Options {
if (arg.length == 0) {
System.out.println(Localizer.getMessage("jspc.usage"));
} else {
+ JspC jspc = new JspC();
try {
- JspC jspc = new JspC();
jspc.setArgs(arg);
if (jspc.helpNeeded) {
System.out.println(Localizer.getMessage("jspc.usage"));
@@ -249,6 +249,11 @@ public class JspC implements Options {
if (die != NO_DIE_LEVEL) {
System.exit(die);
}
+ } catch (BuildException je) {
+ System.err.println(je);
+ if (jspc.dieLevel != NO_DIE_LEVEL) {
+ System.exit(jspc.dieLevel);
+ }
}
}
}
@@ -772,25 +777,6 @@ public class JspC implements Options {
}
/**
- * Sets the Ant project.
- *
- * @param theProject The project
- */
- public void setProject(final Project theProject) {
- project = theProject;
- }
-
- /**
- * Returns the project: may be <code>null</code> if not running
- * inside an Ant project.
- *
- * @return The project
- */
- public Project getProject() {
- return project;
- }
-
- /**
* Base dir for the webapp. Used to generate class names and resolve
* includes.
*/
@@ -1273,7 +1259,8 @@ public class JspC implements Options {
*
* @throws JasperException If an error occurs
*/
- public void execute() throws JasperException {
+ @Override
+ public void execute() {
if(log.isDebugEnabled()) {
log.debug("execute() starting for " + pages.size() + " pages.");
}
@@ -1348,7 +1335,7 @@ public class JspC implements Options {
}
} catch (IOException ioe) {
- throw new JasperException(ioe);
+ throw new BuildException(ioe);
} catch (JasperException je) {
Throwable rootCause = je;
@@ -1359,7 +1346,7 @@ public class JspC implements Options {
if (rootCause != je) {
rootCause.printStackTrace();
}
- throw je;
+ throw new BuildException(je);
} finally {
if (loader != null) {
LogFactory.release(loader);
diff --git a/java/org/apache/jasper/compiler/Generator.java b/java/org/apache/jasper/compiler/Generator.java
index 66ddc22..a2aa814 100644
--- a/java/org/apache/jasper/compiler/Generator.java
+++ b/java/org/apache/jasper/compiler/Generator.java
@@ -3366,6 +3366,8 @@ class Generator {
out
.printil("if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);");
+ out
+ .printil("else log(t.getMessage(), t);");
out.popIndent();
out.printil("}");
out.popIndent();
diff --git a/java/org/apache/jasper/compiler/Parser.java b/java/org/apache/jasper/compiler/Parser.java
index b9095a2..a2a239c 100644
--- a/java/org/apache/jasper/compiler/Parser.java
+++ b/java/org/apache/jasper/compiler/Parser.java
@@ -1250,7 +1250,7 @@ class Parser implements TagConstants {
/*
* Parse for a template text string until '<' or "${" or "#{" is encountered,
- * recognizing escape sequences "\%", "\$", and "\#".
+ * recognizing escape sequences "<\%", "\$", and "\#".
*/
private void parseTemplateText(Node parent) throws JasperException {
@@ -1267,6 +1267,7 @@ class Parser implements TagConstants {
}
while (reader.hasMoreInput()) {
+ int prev = ch;
ch = reader.nextChar();
if (ch == '<') {
reader.pushChar();
@@ -1291,8 +1292,9 @@ class Parser implements TagConstants {
}
char next = (char) reader.peekChar();
// Looking for \% or \$ or \#
- if (next == '%' || ((next == '$' || next == '#') &&
- !pageInfo.isELIgnored())) {
+ if ((prev == '<' && next == '%') ||
+ ((next == '$' || next == '#') &&
+ !pageInfo.isELIgnored())) {
ch = reader.nextChar();
}
}
diff --git a/java/org/apache/jasper/compiler/TldLocationsCache.java b/java/org/apache/jasper/compiler/TldLocationsCache.java
index 89ba506..2ae46a8 100644
--- a/java/org/apache/jasper/compiler/TldLocationsCache.java
+++ b/java/org/apache/jasper/compiler/TldLocationsCache.java
@@ -129,6 +129,8 @@ public class TldLocationsCache {
noTldJars.add("jasper.jar");
noTldJars.add("jasper-el.jar");
noTldJars.add("ecj-3.7.jar");
+ noTldJars.add("ecj-3.7.1.jar");
+ noTldJars.add("ecj-3.7.2.jar");
noTldJars.add("jsp-api.jar");
noTldJars.add("servlet-api.jar");
noTldJars.add("tomcat-coyote.jar");
diff --git a/java/org/apache/jk/common/HandlerRequest.java b/java/org/apache/jk/common/HandlerRequest.java
index d3c5950..6a42238 100644
--- a/java/org/apache/jk/common/HandlerRequest.java
+++ b/java/org/apache/jk/common/HandlerRequest.java
@@ -183,6 +183,20 @@ public class HandlerRequest extends JkHandler
return delayInitialRead;
}
+ /**
+ * Set the maximum number of headers in a request that are allowed.
+ */
+ public void setMaxHeaderCount(int maxHeaderCount) {
+ this.maxHeaderCount = maxHeaderCount;
+ }
+
+ /**
+ * Get the maximum number of headers in a request that are allowed.
+ */
+ public int getMaxHeaderCount() {
+ return maxHeaderCount;
+ }
+
// -------------------- Ajp13.id --------------------
private void generateAjp13Id() {
@@ -229,12 +243,18 @@ public class HandlerRequest extends JkHandler
private int secretNote;
private int tmpBufNote;
+ /**
+ * The maximum number of headers in a request that are allowed.
+ * 100 by default. A value of less than 0 means no limit.
+ */
+ private int maxHeaderCount = 100; // as in Apache HTTPD server
+
private boolean decoded=true;
private boolean tomcatAuthentication=true;
private boolean registerRequests=true;
private boolean shutdownEnabled=false;
private boolean delayInitialRead = true;
-
+
public int invoke(Msg msg, MsgContext ep )
throws IOException {
int type=msg.getByte();
@@ -564,6 +584,9 @@ public class HandlerRequest extends JkHandler
// Decode headers
MimeHeaders headers = req.getMimeHeaders();
+ // Set this every time in case limit has been changed via JMX
+ req.getMimeHeaders().setLimit(maxHeaderCount);
+
int hCount = msg.getInt();
for(int i = 0 ; i < hCount ; i++) {
String hName = null;
@@ -674,7 +697,7 @@ public class HandlerRequest extends JkHandler
int port = 0;
int mult = 1;
for (int i = valueL - 1; i > colonPos; i--) {
- int charValue = HexUtils.DEC[(int) valueB[i + valueS]];
+ int charValue = HexUtils.getDec(valueB[i + valueS]);
if (charValue == -1) {
// Invalid character
throw new CharConversionException("Invalid char in port: " + valueB[i + valueS]);
diff --git a/java/org/apache/jk/server/JkCoyoteHandler.java b/java/org/apache/jk/server/JkCoyoteHandler.java
index a741d79..025f9d6 100644
--- a/java/org/apache/jk/server/JkCoyoteHandler.java
+++ b/java/org/apache/jk/server/JkCoyoteHandler.java
@@ -103,7 +103,7 @@ public class JkCoyoteHandler extends JkHandler implements ProtocolHandler {
}
return jkMain;
}
-
+
boolean started=false;
/** Start the protocol
diff --git a/java/org/apache/jk/server/JkMain.java b/java/org/apache/jk/server/JkMain.java
index efdb744..b0587a6 100644
--- a/java/org/apache/jk/server/JkMain.java
+++ b/java/org/apache/jk/server/JkMain.java
@@ -151,7 +151,19 @@ public class JkMain implements MBeanRegistration
}
props.put( n, v );
if( started ) {
+ // Replacements need special processing only when started==true,
+ // because preProcessProperties() handles them during startup.
+ String alias = (String) replacements.get(n);
+ if (alias != null) {
+ props.put( alias, v );
+ if (log.isDebugEnabled()) {
+ log.debug("Substituting " + n + " " + alias + " " + v);
+ }
+ }
processProperty( n, v );
+ if (alias != null) {
+ processProperty( alias, v );
+ }
saveProperties();
}
}
@@ -533,6 +545,7 @@ public class JkMain implements MBeanRegistration
replacements.put("bufferSize", "channelSocket.bufferSize");
replacements.put("tomcatAuthentication", "request.tomcatAuthentication");
replacements.put("packetSize", "channelSocket.packetSize");
+ replacements.put("maxHeaderCount", "request.maxHeaderCount");
}
private void preProcessProperties() {
diff --git a/java/org/apache/naming/SelectorContext.java b/java/org/apache/naming/SelectorContext.java
index 28bea1c..f5db681 100644
--- a/java/org/apache/naming/SelectorContext.java
+++ b/java/org/apache/naming/SelectorContext.java
@@ -5,15 +5,15 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
+ */
package org.apache.naming;
@@ -29,7 +29,7 @@ import javax.naming.NamingException;
* Catalina JNDI Context implementation.
*
* @author Remy Maucherat
- * @version $Id: SelectorContext.java 939511 2010-04-29 23:48:20Z kkolinko $
+ * @version $Id: SelectorContext.java 1355524 2012-06-29 19:36:07Z markt $
*/
public class SelectorContext implements Context {
@@ -107,18 +107,18 @@ public class SelectorContext implements Context {
/**
- * Retrieves the named object. If name is empty, returns a new instance
- * of this context (which represents the same naming context as this
- * context, but its environment may be modified independently and it may
+ * Retrieves the named object. If name is empty, returns a new instance
+ * of this context (which represents the same naming context as this
+ * context, but its environment may be modified independently and it may
* be accessed concurrently).
- *
+ *
* @param name the name of the object to look up
* @return the object bound to name
* @exception NamingException if a naming exception is encountered
*/
public Object lookup(Name name)
throws NamingException {
-
+
if (log.isDebugEnabled()) {
log.debug(sm.getString("selectorContext.methodUsingName", "lookup",
name));
@@ -133,7 +133,7 @@ public class SelectorContext implements Context {
/**
* Retrieves the named object.
- *
+ *
* @param name the name of the object to look up
* @return the object bound to name
* @exception NamingException if a naming exception is encountered
@@ -154,10 +154,10 @@ public class SelectorContext implements Context {
/**
- * Binds a name to an object. All intermediate contexts and the target
- * context (that named by all but terminal atomic component of the name)
+ * Binds a name to an object. All intermediate contexts and the target
+ * context (that named by all but terminal atomic component of the name)
* must already exist.
- *
+ *
* @param name the name to bind; may not be empty
* @param obj the object to bind; possibly null
* @exception NameAlreadyBoundException if name is already bound
@@ -173,7 +173,7 @@ public class SelectorContext implements Context {
/**
* Binds a name to an object.
- *
+ *
* @param name the name to bind; may not be empty
* @param obj the object to bind; possibly null
* @exception NameAlreadyBoundException if name is already bound
@@ -188,14 +188,14 @@ public class SelectorContext implements Context {
/**
- * Binds a name to an object, overwriting any existing binding. All
- * intermediate contexts and the target context (that named by all but
+ * Binds a name to an object, overwriting any existing binding. All
+ * intermediate contexts and the target context (that named by all but
* terminal atomic component of the name) must already exist.
* <p>
- * If the object is a DirContext, any existing attributes associated with
- * the name are replaced with those of the object. Otherwise, any
+ * If the object is a DirContext, any existing attributes associated with
+ * the name are replaced with those of the object. Otherwise, any
* existing attributes associated with the name remain unchanged.
- *
+ *
* @param name the name to bind; may not be empty
* @param obj the object to bind; possibly null
* @exception InvalidAttributesException if object did not supply all
@@ -210,7 +210,7 @@ public class SelectorContext implements Context {
/**
* Binds a name to an object, overwriting any existing binding.
- *
+ *
* @param name the name to bind; may not be empty
* @param obj the object to bind; possibly null
* @exception InvalidAttributesException if object did not supply all
@@ -224,14 +224,14 @@ public class SelectorContext implements Context {
/**
- * Unbinds the named object. Removes the terminal atomic name in name
- * from the target context--that named by all but the terminal atomic
+ * Unbinds the named object. Removes the terminal atomic name in name
+ * from the target context--that named by all but the terminal atomic
* part of name.
* <p>
- * This method is idempotent. It succeeds even if the terminal atomic
- * name is not bound in the target context, but throws
- * NameNotFoundException if any of the intermediate contexts do not exist.
- *
+ * This method is idempotent. It succeeds even if the terminal atomic
+ * name is not bound in the target context, but throws
+ * NameNotFoundException if any of the intermediate contexts do not exist.
+ *
* @param name the name to bind; may not be empty
* @exception NameNotFoundException if an intermediate context does not
* exist
@@ -245,7 +245,7 @@ public class SelectorContext implements Context {
/**
* Unbinds the named object.
- *
+ *
* @param name the name to bind; may not be empty
* @exception NameNotFoundException if an intermediate context does not
* exist
@@ -258,11 +258,11 @@ public class SelectorContext implements Context {
/**
- * Binds a new name to the object bound to an old name, and unbinds the
- * old name. Both names are relative to this context. Any attributes
- * associated with the old name become associated with the new name.
+ * Binds a new name to the object bound to an old name, and unbinds the
+ * old name. Both names are relative to this context. Any attributes
+ * associated with the old name become associated with the new name.
* Intermediate contexts of the old name are not changed.
- *
+ *
* @param oldName the name of the existing binding; may not be empty
* @param newName the name of the new binding; may not be empty
* @exception NameAlreadyBoundException if newName is already bound
@@ -275,9 +275,9 @@ public class SelectorContext implements Context {
/**
- * Binds a new name to the object bound to an old name, and unbinds the
+ * Binds a new name to the object bound to an old name, and unbinds the
* old name.
- *
+ *
* @param oldName the name of the existing binding; may not be empty
* @param newName the name of the new binding; may not be empty
* @exception NameAlreadyBoundException if newName is already bound
@@ -290,21 +290,21 @@ public class SelectorContext implements Context {
/**
- * Enumerates the names bound in the named context, along with the class
- * names of objects bound to them. The contents of any subcontexts are
+ * Enumerates the names bound in the named context, along with the class
+ * names of objects bound to them. The contents of any subcontexts are
* not included.
* <p>
- * If a binding is added to or removed from this context, its effect on
+ * If a binding is added to or removed from this context, its effect on
* an enumeration previously returned is undefined.
- *
+ *
* @param name the name of the context to list
- * @return an enumeration of the names and class names of the bindings in
+ * @return an enumeration of the names and class names of the bindings in
* this context. Each element of the enumeration is of type NameClassPair.
* @exception NamingException if a naming exception is encountered
*/
public NamingEnumeration list(Name name)
throws NamingException {
-
+
if (log.isDebugEnabled()) {
log.debug(sm.getString("selectorContext.methodUsingName", "list",
name));
@@ -315,17 +315,17 @@ public class SelectorContext implements Context {
/**
- * Enumerates the names bound in the named context, along with the class
+ * Enumerates the names bound in the named context, along with the class
* names of objects bound to them.
- *
+ *
* @param name the name of the context to list
- * @return an enumeration of the names and class names of the bindings in
+ * @return an enumeration of the names and class names of the bindings in
* this context. Each element of the enumeration is of type NameClassPair.
* @exception NamingException if a naming exception is encountered
*/
public NamingEnumeration list(String name)
throws NamingException {
-
+
if (log.isDebugEnabled()) {
log.debug(sm.getString("selectorContext.methodUsingString", "list",
name));
@@ -336,15 +336,15 @@ public class SelectorContext implements Context {
/**
- * Enumerates the names bound in the named context, along with the
- * objects bound to them. The contents of any subcontexts are not
+ * Enumerates the names bound in the named context, along with the
+ * objects bound to them. The contents of any subcontexts are not
* included.
* <p>
- * If a binding is added to or removed from this context, its effect on
+ * If a binding is added to or removed from this context, its effect on
* an enumeration previously returned is undefined.
- *
+ *
* @param name the name of the context to list
- * @return an enumeration of the bindings in this context.
+ * @return an enumeration of the bindings in this context.
* Each element of the enumeration is of type Binding.
* @exception NamingException if a naming exception is encountered
*/
@@ -361,11 +361,11 @@ public class SelectorContext implements Context {
/**
- * Enumerates the names bound in the named context, along with the
+ * Enumerates the names bound in the named context, along with the
* objects bound to them.
- *
+ *
* @param name the name of the context to list
- * @return an enumeration of the bindings in this context.
+ * @return an enumeration of the bindings in this context.
* Each element of the enumeration is of type Binding.
* @exception NamingException if a naming exception is encountered
*/
@@ -382,24 +382,24 @@ public class SelectorContext implements Context {
/**
- * Destroys the named context and removes it from the namespace. Any
- * attributes associated with the name are also removed. Intermediate
+ * Destroys the named context and removes it from the namespace. Any
+ * attributes associated with the name are also removed. Intermediate
* contexts are not destroyed.
* <p>
- * This method is idempotent. It succeeds even if the terminal atomic
- * name is not bound in the target context, but throws
- * NameNotFoundException if any of the intermediate contexts do not exist.
- *
- * In a federated naming system, a context from one naming system may be
- * bound to a name in another. One can subsequently look up and perform
- * operations on the foreign context using a composite name. However, an
- * attempt destroy the context using this composite name will fail with
- * NotContextException, because the foreign context is not a "subcontext"
- * of the context in which it is bound. Instead, use unbind() to remove
- * the binding of the foreign context. Destroying the foreign context
- * requires that the destroySubcontext() be performed on a context from
+ * This method is idempotent. It succeeds even if the terminal atomic
+ * name is not bound in the target context, but throws
+ * NameNotFoundException if any of the intermediate contexts do not exist.
+ *
+ * In a federated naming system, a context from one naming system may be
+ * bound to a name in another. One can subsequently look up and perform
+ * operations on the foreign context using a composite name. However, an
+ * attempt destroy the context using this composite name will fail with
+ * NotContextException, because the foreign context is not a "subcontext"
+ * of the context in which it is bound. Instead, use unbind() to remove
+ * the binding of the foreign context. Destroying the foreign context
+ * requires that the destroySubcontext() be performed on a context from
* the foreign context's "native" naming system.
- *
+ *
* @param name the name of the context to be destroyed; may not be empty
* @exception NameNotFoundException if an intermediate context does not
* exist
@@ -414,7 +414,7 @@ public class SelectorContext implements Context {
/**
* Destroys the named context and removes it from the namespace.
- *
+ *
* @param name the name of the context to be destroyed; may not be empty
* @exception NameNotFoundException if an intermediate context does not
* exist
@@ -428,11 +428,11 @@ public class SelectorContext implements Context {
/**
- * Creates and binds a new context. Creates a new context with the given
- * name and binds it in the target context (that named by all but
- * terminal atomic component of the name). All intermediate contexts and
+ * Creates and binds a new context. Creates a new context with the given
+ * name and binds it in the target context (that named by all but
+ * terminal atomic component of the name). All intermediate contexts and
* the target context must already exist.
- *
+ *
* @param name the name of the context to create; may not be empty
* @return the newly created context
* @exception NameAlreadyBoundException if name is already bound
@@ -448,7 +448,7 @@ public class SelectorContext implements Context {
/**
* Creates and binds a new context.
- *
+ *
* @param name the name of the context to create; may not be empty
* @return the newly created context
* @exception NameAlreadyBoundException if name is already bound
@@ -463,12 +463,12 @@ public class SelectorContext implements Context {
/**
- * Retrieves the named object, following links except for the terminal
- * atomic component of the name. If the object bound to name is not a
+ * Retrieves the named object, following links except for the terminal
+ * atomic component of the name. If the object bound to name is not a
* link, returns the object itself.
- *
+ *
* @param name the name of the object to look up
- * @return the object bound to name, not following the terminal link
+ * @return the object bound to name, not following the terminal link
* (if any).
* @exception NamingException if a naming exception is encountered
*/
@@ -485,11 +485,11 @@ public class SelectorContext implements Context {
/**
- * Retrieves the named object, following links except for the terminal
+ * Retrieves the named object, following links except for the terminal
* atomic component of the name.
- *
+ *
* @param name the name of the object to look up
- * @return the object bound to name, not following the terminal link
+ * @return the object bound to name, not following the terminal link
* (if any).
* @exception NamingException if a naming exception is encountered
*/
@@ -506,16 +506,16 @@ public class SelectorContext implements Context {
/**
- * Retrieves the parser associated with the named context. In a
- * federation of namespaces, different naming systems will parse names
- * differently. This method allows an application to get a parser for
- * parsing names into their atomic components using the naming convention
- * of a particular naming system. Within any single naming system,
- * NameParser objects returned by this method must be equal (using the
+ * Retrieves the parser associated with the named context. In a
+ * federation of namespaces, different naming systems will parse names
+ * differently. This method allows an application to get a parser for
+ * parsing names into their atomic components using the naming convention
+ * of a particular naming system. Within any single naming system,
+ * NameParser objects returned by this method must be equal (using the
* equals() test).
- *
+ *
* @param name the name of the context from which to get the parser
- * @return a name parser that can parse compound names into their atomic
+ * @return a name parser that can parse compound names into their atomic
* components
* @exception NamingException if a naming exception is encountered
*/
@@ -527,9 +527,9 @@ public class SelectorContext implements Context {
/**
* Retrieves the parser associated with the named context.
- *
+ *
* @param name the name of the context from which to get the parser
- * @return a name parser that can parse compound names into their atomic
+ * @return a name parser that can parse compound names into their atomic
* components
* @exception NamingException if a naming exception is encountered
*/
@@ -542,13 +542,13 @@ public class SelectorContext implements Context {
/**
* Composes the name of this context with a name relative to this context.
* <p>
- * Given a name (name) relative to this context, and the name (prefix)
- * of this context relative to one of its ancestors, this method returns
- * the composition of the two names using the syntax appropriate for the
- * naming system(s) involved. That is, if name names an object relative
- * to this context, the result is the name of the same object, but
+ * Given a name (name) relative to this context, and the name (prefix)
+ * of this context relative to one of its ancestors, this method returns
+ * the composition of the two names using the syntax appropriate for the
+ * naming system(s) involved. That is, if name names an object relative
+ * to this context, the result is the name of the same object, but
* relative to the ancestor context. None of the names may be null.
- *
+ *
* @param name a name relative to this context
* @param prefix the name of this context relative to one of its ancestors
* @return the composition of prefix and name
@@ -563,7 +563,7 @@ public class SelectorContext implements Context {
/**
* Composes the name of this context with a name relative to this context.
- *
+ *
* @param name a name relative to this context
* @param prefix the name of this context relative to one of its ancestors
* @return the composition of prefix and name
@@ -576,10 +576,10 @@ public class SelectorContext implements Context {
/**
- * Adds a new environment property to the environment of this context. If
+ * Adds a new environment property to the environment of this context. If
* the property already exists, its value is overwritten.
- *
- * @param propName the name of the environment property to add; may not
+ *
+ * @param propName the name of the environment property to add; may not
* be null
* @param propVal the value of the property to add; may not be null
* @exception NamingException if a naming exception is encountered
@@ -591,9 +591,9 @@ public class SelectorContext implements Context {
/**
- * Removes an environment property from the environment of this context.
- *
- * @param propName the name of the environment property to remove;
+ * Removes an environment property from the environment of this context.
+ *
+ * @param propName the name of the environment property to remove;
* may not be null
* @exception NamingException if a naming exception is encountered
*/
@@ -604,12 +604,12 @@ public class SelectorContext implements Context {
/**
- * Retrieves the environment in effect for this context. See class
- * description for more details on environment properties.
- * The caller should not make any changes to the object returned: their
- * effect on the context is undefined. The environment of this context
+ * Retrieves the environment in effect for this context. See class
+ * description for more details on environment properties.
+ * The caller should not make any changes to the object returned: their
+ * effect on the context is undefined. The environment of this context
* may be changed using addToEnvironment() and removeFromEnvironment().
- *
+ *
* @return the environment of this context; never null
* @exception NamingException if a naming exception is encountered
*/
@@ -620,13 +620,13 @@ public class SelectorContext implements Context {
/**
- * Closes this context. This method releases this context's resources
- * immediately, instead of waiting for them to be released automatically
+ * Closes this context. This method releases this context's resources
+ * immediately, instead of waiting for them to be released automatically
* by the garbage collector.
- * This method is idempotent: invoking it on a context that has already
- * been closed has no effect. Invoking any other method on a closed
+ * This method is idempotent: invoking it on a context that has already
+ * been closed has no effect. Invoking any other method on a closed
* context is not allowed, and results in undefined behaviour.
- *
+ *
* @exception NamingException if a naming exception is encountered
*/
public void close()
@@ -638,15 +638,15 @@ public class SelectorContext implements Context {
/**
* Retrieves the full name of this context within its own namespace.
* <p>
- * Many naming services have a notion of a "full name" for objects in
- * their respective namespaces. For example, an LDAP entry has a
- * distinguished name, and a DNS record has a fully qualified name. This
- * method allows the client application to retrieve this name. The string
- * returned by this method is not a JNDI composite name and should not be
- * passed directly to context methods. In naming systems for which the
- * notion of full name does not make sense,
+ * Many naming services have a notion of a "full name" for objects in
+ * their respective namespaces. For example, an LDAP entry has a
+ * distinguished name, and a DNS record has a fully qualified name. This
+ * method allows the client application to retrieve this name. The string
+ * returned by this method is not a JNDI composite name and should not be
+ * passed directly to context methods. In naming systems for which the
+ * notion of full name does not make sense,
* OperationNotSupportedException is thrown.
- *
+ *
* @return this context's name in its own namespace; never null
* @exception OperationNotSupportedException if the naming system does
* not have the notion of a full name
@@ -676,7 +676,7 @@ public class SelectorContext implements Context {
}
Context initialContext = ContextBindings.getContext(ICName);
if (initialContext == null) {
- // Allocating a new context and binding it to the appropriate
+ // Allocating a new context and binding it to the appropriate
// name
initialContext = new NamingContext(env, ICName);
ContextBindings.bindContext(ICName, initialContext);
@@ -695,14 +695,14 @@ public class SelectorContext implements Context {
/**
* Strips the URL header.
- *
+ *
* @return the parsed name
- * @exception NamingException if there is no "java:" header or if no
+ * @exception NamingException if there is no "java:" header or if no
* naming context has been bound to this thread
*/
- protected String parseName(String name)
+ protected String parseName(String name)
throws NamingException {
-
+
if ((!initialContext) && (name.startsWith(prefix))) {
return (name.substring(prefixLength));
} else {
@@ -713,29 +713,35 @@ public class SelectorContext implements Context {
(sm.getString("selectorContext.noJavaUrl"));
}
}
-
+
}
/**
* Strips the URL header.
- *
+ *
* @return the parsed name
- * @exception NamingException if there is no "java:" header or if no
+ * @exception NamingException if there is no "java:" header or if no
* naming context has been bound to this thread
*/
- protected Name parseName(Name name)
+ protected Name parseName(Name name)
throws NamingException {
- if ((!initialContext) && (!name.isEmpty())
- && (name.get(0).equals(prefix))) {
- return (name.getSuffix(1));
+ if (!initialContext && !name.isEmpty() &&
+ name.get(0).startsWith(prefix)) {
+ if (name.get(0).equals(prefix)) {
+ return name.getSuffix(1);
+ } else {
+ Name result = name.getSuffix(1);
+ result.add(0, name.get(0).substring(prefixLength));
+ return result;
+ }
} else {
if (initialContext) {
- return (name);
+ return name;
} else {
- throw new NamingException
- (sm.getString("selectorContext.noJavaUrl"));
+ throw new NamingException(
+ sm.getString("selectorContext.noJavaUrl"));
}
}
diff --git a/java/org/apache/naming/resources/FileDirContext.java b/java/org/apache/naming/resources/FileDirContext.java
index fdc64df..b85b8ab 100644
--- a/java/org/apache/naming/resources/FileDirContext.java
+++ b/java/org/apache/naming/resources/FileDirContext.java
@@ -46,7 +46,7 @@ import org.apache.naming.NamingEntry;
* Filesystem Directory Context implementation helper class.
*
* @author Remy Maucherat
- * @version $Id: FileDirContext.java 939511 2010-04-29 23:48:20Z kkolinko $
+ * @version $Id: FileDirContext.java 1394146 2012-10-04 16:35:45Z markt $
*/
public class FileDirContext extends BaseDirContext {
@@ -863,7 +863,7 @@ public class FileDirContext extends BaseDirContext {
Object object = null;
if (currentFile.isDirectory()) {
FileDirContext tempContext = new FileDirContext(env);
- tempContext.setDocBase(file.getPath());
+ tempContext.setDocBase(currentFile.getPath());
tempContext.setAllowLinking(getAllowLinking());
tempContext.setCaseSensitive(isCaseSensitive());
object = tempContext;
diff --git a/java/org/apache/tomcat/jni/Library.java b/java/org/apache/tomcat/jni/Library.java
index f89a983..dae3cfa 100644
--- a/java/org/apache/tomcat/jni/Library.java
+++ b/java/org/apache/tomcat/jni/Library.java
@@ -20,7 +20,7 @@ package org.apache.tomcat.jni;
/** Library
*
* @author Mladen Turk
- * @version $Id: Library.java 939351 2010-04-29 15:41:54Z kkolinko $
+ * @version $Id: Library.java 1304509 2012-03-23 17:25:38Z kkolinko $
*/
public final class Library {
@@ -85,6 +85,8 @@ public final class Library {
public static int TCN_PATCH_VERSION = 0;
/* TCN_IS_DEV_VERSION */
public static int TCN_IS_DEV_VERSION = 0;
+ /* TCN_FULL_VERSION */
+ public static int TCN_FULL_VERSION = 0;
/* APR_MAJOR_VERSION */
public static int APR_MAJOR_VERSION = 0;
/* APR_MINOR_VERSION */
@@ -161,6 +163,9 @@ public final class Library {
TCN_MINOR_VERSION = version(0x02);
TCN_PATCH_VERSION = version(0x03);
TCN_IS_DEV_VERSION = version(0x04);
+ TCN_FULL_VERSION = TCN_MAJOR_VERSION * 1000 +
+ TCN_MINOR_VERSION * 100 +
+ TCN_PATCH_VERSION;
APR_MAJOR_VERSION = version(0x11);
APR_MINOR_VERSION = version(0x12);
APR_PATCH_VERSION = version(0x13);
diff --git a/java/org/apache/tomcat/jni/SSL.java b/java/org/apache/tomcat/jni/SSL.java
index 954a492..74f6fa6 100644
--- a/java/org/apache/tomcat/jni/SSL.java
+++ b/java/org/apache/tomcat/jni/SSL.java
@@ -20,7 +20,7 @@ package org.apache.tomcat.jni;
/** SSL
*
* @author Mladen Turk
- * @version $Id: SSL.java 939351 2010-04-29 15:41:54Z kkolinko $
+ * @version $Id: SSL.java 1224628 2011-12-25 18:52:37Z kkolinko $
*/
public final class SSL {
@@ -227,6 +227,15 @@ public final class SSL {
public static native int initialize(String engine);
/**
+ * Enable/Disable FIPS Mode.
+ *
+ * @param mode 1 - enable, 0 - disable
+ *
+ * @return FIPS_mode_set return code
+ */
+ public static native int fipsModeSet(int mode);
+
+ /**
* Set source of entropy to use in SSL
* @param filename Filename containing random data
*/
diff --git a/java/org/apache/tomcat/util/buf/HexUtils.java b/java/org/apache/tomcat/util/buf/HexUtils.java
index 192988a..6c3c953 100644
--- a/java/org/apache/tomcat/util/buf/HexUtils.java
+++ b/java/org/apache/tomcat/util/buf/HexUtils.java
@@ -37,23 +37,11 @@ public final class HexUtils {
/**
* Table for HEX to DEC byte translation.
*/
- public static final int[] DEC = {
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ private static final int[] DEC = {
00, 01, 02, 03, 04, 05, 06, 07, 8, 9, -1, -1, -1, -1, -1, -1,
-1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, 10, 11, 12, 13, 14, 15,
};
@@ -75,6 +63,14 @@ public final class HexUtils {
// --------------------------------------------------------- Static Methods
+ public static int getDec(int index){
+ // Fast for correct values, slower for incorrect ones
+ try {
+ return DEC[index - '0'];
+ } catch (ArrayIndexOutOfBoundsException ex) {
+ return -1;
+ }
+ }
/**
* Convert a String of hexadecimal digits into the corresponding
@@ -146,6 +142,7 @@ public final class HexUtils {
*
* @exception IllegalArgumentException if an invalid hexadecimal digit
* is included
+ * @deprecated Not used, will be removed in Tomcat 7
*/
public static int convert2Int( byte[] hex ) {
// Code from Ajp11, from Apache's JServ
@@ -154,21 +151,21 @@ public final class HexUtils {
// assert valid data
int len;
if(hex.length < 4 ) return 0;
- if( DEC[hex[0]]<0 )
+ if( getDec(hex[0])<0 )
throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len = DEC[hex[0]];
+ len = getDec(hex[0]);
len = len << 4;
- if( DEC[hex[1]]<0 )
+ if( getDec(hex[1])<0 )
throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[1]];
+ len += getDec(hex[1]);
len = len << 4;
- if( DEC[hex[2]]<0 )
+ if( getDec(hex[2])<0 )
throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[2]];
+ len += getDec(hex[2]);
len = len << 4;
- if( DEC[hex[3]]<0 )
+ if( getDec(hex[3])<0 )
throw new IllegalArgumentException(sm.getString("hexUtil.bad"));
- len += DEC[hex[3]];
+ len += getDec(hex[3]);
return len;
}
diff --git a/java/org/apache/tomcat/util/buf/UDecoder.java b/java/org/apache/tomcat/util/buf/UDecoder.java
index 00a9028..a6d03da 100644
--- a/java/org/apache/tomcat/util/buf/UDecoder.java
+++ b/java/org/apache/tomcat/util/buf/UDecoder.java
@@ -33,6 +33,30 @@ public final class UDecoder {
protected static final boolean ALLOW_ENCODED_SLASH =
Boolean.valueOf(System.getProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "false")).booleanValue();
+ private static class DecodeException extends CharConversionException {
+ private static final long serialVersionUID = 1L;
+ public DecodeException(String s) {
+ super(s);
+ }
+
+ @Override
+ public synchronized Throwable fillInStackTrace() {
+ // This class does not provide a stack trace
+ return this;
+ }
+ }
+
+ /** Unexpected end of data. */
+ private static final IOException EXCEPTION_EOF = new DecodeException("EOF");
+
+ /** %xx with not-hex digit */
+ private static final IOException EXCEPTION_NOT_HEX_DIGIT = new DecodeException(
+ "isHexDigit");
+
+ /** %-encoded slash is forbidden in resource path */
+ private static final IOException EXCEPTION_SLASH = new DecodeException(
+ "noSlash");
+
public UDecoder()
{
}
@@ -57,18 +81,20 @@ public final class UDecoder {
int idx= ByteChunk.indexOf( buff, start, end, '%' );
int idx2=-1;
- if( query )
- idx2= ByteChunk.indexOf( buff, start, end, '+' );
+ if( query ) {
+ idx2= ByteChunk.indexOf( buff, start, (idx >= 0 ? idx : end), '+' );
+ }
if( idx<0 && idx2<0 ) {
return;
}
- // idx will be the smallest positive inxes ( first % or + )
- if( idx2 >= 0 && idx2 < idx ) idx=idx2;
- if( idx < 0 ) idx=idx2;
+ // idx will be the smallest positive index ( first % or + )
+ if( (idx2 >= 0 && idx2 < idx) || idx < 0 ) {
+ idx=idx2;
+ }
+
+ final boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
- boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
-
for( int j=idx; j<end; j++, idx++ ) {
if( buff[ j ] == '+' && query) {
buff[idx]= (byte)' ' ;
@@ -77,18 +103,18 @@ public final class UDecoder {
} else {
// read next 2 digits
if( j+2 >= end ) {
- throw new CharConversionException("EOF");
+ throw EXCEPTION_EOF;
}
byte b1= buff[j+1];
byte b2=buff[j+2];
if( !isHexDigit( b1 ) || ! isHexDigit(b2 ))
- throw new CharConversionException( "isHexDigit");
+ throw EXCEPTION_NOT_HEX_DIGIT;
j+=2;
int res=x2c( b1, b2 );
- if (noSlash && (res == '/')) {
- throw new CharConversionException( "noSlash");
- }
+ if (noSlash && (res == '/')) {
+ throw EXCEPTION_SLASH;
+ }
buff[idx]=(byte)res;
}
}
@@ -122,14 +148,19 @@ public final class UDecoder {
int idx= CharChunk.indexOf( buff, start, cend, '%' );
int idx2=-1;
- if( query )
- idx2= CharChunk.indexOf( buff, start, cend, '+' );
+ if( query ) {
+ idx2= CharChunk.indexOf( buff, start, (idx >= 0 ? idx : cend), '+' );
+ }
if( idx<0 && idx2<0 ) {
return;
}
-
- if( idx2 >= 0 && idx2 < idx ) idx=idx2;
- if( idx < 0 ) idx=idx2;
+
+ // idx will be the smallest positive index ( first % or + )
+ if( (idx2 >= 0 && idx2 < idx) || idx < 0 ) {
+ idx=idx2;
+ }
+
+ final boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
for( int j=idx; j<cend; j++, idx++ ) {
if( buff[ j ] == '+' && query ) {
@@ -140,15 +171,18 @@ public final class UDecoder {
// read next 2 digits
if( j+2 >= cend ) {
// invalid
- throw new CharConversionException("EOF");
+ throw EXCEPTION_EOF;
}
char b1= buff[j+1];
char b2=buff[j+2];
if( !isHexDigit( b1 ) || ! isHexDigit(b2 ))
- throw new CharConversionException("isHexDigit");
+ throw EXCEPTION_NOT_HEX_DIGIT;
j+=2;
int res=x2c( b1, b2 );
+ if (noSlash && (res == '/')) {
+ throw EXCEPTION_SLASH;
+ }
buff[idx]=(char)res;
}
}
@@ -174,7 +208,11 @@ public final class UDecoder {
case MessageBytes.T_STR:
String strValue=mb.toString();
if( strValue==null ) return;
- mb.setString( convert( strValue, query ));
+ try {
+ mb.setString( convert( strValue, query ));
+ } catch (RuntimeException ex) {
+ throw new DecodeException(ex.getMessage());
+ }
break;
case MessageBytes.T_CHARS:
CharChunk charC=mb.getCharChunk();
@@ -200,8 +238,10 @@ public final class UDecoder {
if( (!query || str.indexOf( '+' ) < 0) && str.indexOf( '%' ) < 0 )
return str;
-
- StringBuffer dec = new StringBuffer(); // decoded string output
+
+ final boolean noSlash = !(ALLOW_ENCODED_SLASH || query);
+
+ StringBuilder dec = new StringBuilder(); // decoded string output
int strPos = 0;
int strLen = str.length();
@@ -238,8 +278,12 @@ public final class UDecoder {
// We throw the original exception - the super will deal with
// it
// try {
- dec.append((char)Integer.
- parseInt(str.substring(strPos + 1, strPos + 3),16));
+ char res = (char) Integer.parseInt(
+ str.substring(strPos + 1, strPos + 3), 16);
+ if (noSlash && (res == '/')) {
+ throw new IllegalArgumentException("noSlash");
+ }
+ dec.append(res);
strPos += 3;
}
}
diff --git a/java/org/apache/tomcat/util/http/LocalStrings.properties b/java/org/apache/tomcat/util/http/LocalStrings.properties
index 7d7ff06..badd276 100644
--- a/java/org/apache/tomcat/util/http/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/http/LocalStrings.properties
@@ -17,7 +17,10 @@ parameters.bytes=Start processing with input [{0}]
parameters.copyFail=Failed to create copy of original parameter values for debug logging purposes
parameters.decodeFail.debug=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored.
parameters.decodeFail.info=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored. Note that the name and value quoted here may be corrupted due to the failed decoding. Use debug level logging to see the original, non-corrupted values.
+parameters.emptyChunk=Empty parameter chunk ignored
parameters.invalidChunk=Invalid chunk starting at byte [{0}] and ending at byte [{1}] with a value of [{2}] ignored
parameters.maxCountFail=More than the maximum number of request parameters (GET plus POST) for a single request ([{0}]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector.
parameters.multipleDecodingFail=Character decoding failed. A total of [{0}] failures were detected but only the first was logged. Enable debug level logging for this logger to log all failures.
parameters.noequal=Parameter starting at position [{0}] and ending at position [{1}] with a value of [{0}] was not followed by an '=' character
+
+headers.maxCountFail=More than the maximum allowed number of headers ([{0}]) were detected.
diff --git a/java/org/apache/tomcat/util/http/MimeHeaders.java b/java/org/apache/tomcat/util/http/MimeHeaders.java
index 5cd23c9..69758a5 100644
--- a/java/org/apache/tomcat/util/http/MimeHeaders.java
+++ b/java/org/apache/tomcat/util/http/MimeHeaders.java
@@ -22,6 +22,7 @@ import java.io.StringWriter;
import java.util.Enumeration;
import org.apache.tomcat.util.buf.MessageBytes;
+import org.apache.tomcat.util.res.StringManager;
/* XXX XXX XXX Need a major rewrite !!!!
*/
@@ -96,7 +97,10 @@ public class MimeHeaders {
* XXX make it configurable ( fine-tuning of web-apps )
*/
public static final int DEFAULT_HEADER_SIZE=8;
-
+
+ private static final StringManager sm =
+ StringManager.getManager("org.apache.tomcat.util.http");
+
/**
* The header fields.
*/
@@ -109,12 +113,30 @@ public class MimeHeaders {
private int count;
/**
+ * The limit on the number of header fields.
+ */
+ private int limit = -1;
+
+ /**
* Creates a new MimeHeaders object using a default buffer size.
*/
public MimeHeaders() {
}
/**
+ * Set limit on the number of header fields.
+ */
+ public void setLimit(int limit) {
+ this.limit = limit;
+ if (limit > 0 && headers.length > limit && count < limit) {
+ // shrink header list array
+ MimeHeaderField tmp[] = new MimeHeaderField[limit];
+ System.arraycopy(headers, 0, tmp, 0, count);
+ headers = tmp;
+ }
+ }
+
+ /**
* Clears all header fields.
*/
// [seguin] added for consistency -- most other objects have recycle().
@@ -218,11 +240,19 @@ public class MimeHeaders {
* field has not had its name or value initialized.
*/
private MimeHeaderField createHeader() {
+ if (limit > -1 && count >= limit) {
+ throw new IllegalStateException(sm.getString(
+ "headers.maxCountFail", Integer.valueOf(limit)));
+ }
MimeHeaderField mh;
int len = headers.length;
if (count >= len) {
// expand header list array
- MimeHeaderField tmp[] = new MimeHeaderField[count * 2];
+ int newLength = count * 2;
+ if (limit > 0 && newLength > limit) {
+ newLength = limit;
+ }
+ MimeHeaderField tmp[] = new MimeHeaderField[newLength];
System.arraycopy(headers, 0, tmp, 0, len);
headers = tmp;
}
diff --git a/java/org/apache/tomcat/util/http/Parameters.java b/java/org/apache/tomcat/util/http/Parameters.java
index a9dd3b3..501cf6c 100644
--- a/java/org/apache/tomcat/util/http/Parameters.java
+++ b/java/org/apache/tomcat/util/http/Parameters.java
@@ -237,9 +237,9 @@ public final class Parameters {
while(pos < end) {
parameterCount ++;
- if (limit > -1 && parameterCount >= limit) {
+ if (limit > -1 && parameterCount > limit) {
parseFailed = true;
- log.warn(sm.getString("parameters.maxCountFail",
+ log.info(sm.getString("parameters.maxCountFail",
Integer.valueOf(limit)));
break;
}
@@ -314,6 +314,15 @@ public final class Parameters {
}
if (nameEnd <= nameStart ) {
+ if (valueStart == -1) {
+ // &&
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("parameters.emptyChunk"));
+ }
+ // Do not flag as error
+ continue;
+ }
+ // &=foo&
if (log.isInfoEnabled()) {
if (valueEnd >= nameStart && log.isDebugEnabled()) {
String extract = null;
@@ -341,7 +350,11 @@ public final class Parameters {
}
tmpName.setBytes(bytes, nameStart, nameEnd - nameStart);
- tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
+ } else {
+ tmpValue.setBytes(bytes, 0, 0);
+ }
// Take copies as if anything goes wrong originals will be
// corrupted. This means original values can be logged.
@@ -349,7 +362,11 @@ public final class Parameters {
if (log.isDebugEnabled()) {
try {
origName.append(bytes, nameStart, nameEnd - nameStart);
- origValue.append(bytes, valueStart, valueEnd - valueStart);
+ if (valueStart >= 0) {
+ origValue.append(bytes, valueStart, valueEnd - valueStart);
+ } else {
+ origValue.append(bytes, 0, 0);
+ }
} catch (IOException ioe) {
// Should never happen...
log.error(sm.getString("parameters.copyFail"), ioe);
@@ -366,11 +383,15 @@ public final class Parameters {
tmpName.setCharset(charset);
name = tmpName.toString();
- if (decodeValue) {
- urlDecode(tmpValue);
+ if (valueStart >= 0) {
+ if (decodeValue) {
+ urlDecode(tmpValue);
+ }
+ tmpValue.setCharset(charset);
+ value = tmpValue.toString();
+ } else {
+ value = "";
}
- tmpValue.setCharset(charset);
- value = tmpValue.toString();
addParam(name, value);
} catch (IOException e) {
diff --git a/java/org/apache/tomcat/util/http/mapper/Mapper.java b/java/org/apache/tomcat/util/http/mapper/Mapper.java
index c5e0693..9c3b660 100644
--- a/java/org/apache/tomcat/util/http/mapper/Mapper.java
+++ b/java/org/apache/tomcat/util/http/mapper/Mapper.java
@@ -154,7 +154,7 @@ public final class Mapper {
Host newHost = new Host();
newHost.name = alias;
newHost.contextList = realHost.contextList;
- newHost.object = realHost;
+ newHost.object = realHost.object;
if (insertMap(hosts, newHosts, newHost)) {
hosts = newHosts;
}
diff --git a/java/org/apache/tomcat/util/http/res/LocalStrings.properties b/java/org/apache/tomcat/util/http/res/LocalStrings.properties
index 33102df..0fe0bbc 100644
--- a/java/org/apache/tomcat/util/http/res/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/http/res/LocalStrings.properties
@@ -15,8 +15,13 @@
# HttpMessages. The values in this file will be used in HTTP headers and as such
# may only contain TEXT as defined by RFC 2616
+# All status codes registered with IANA can be found at
+# http://www.iana.org/assignments/http-status-codes/http-status-codes.xml
+# The list might be kept in sync with the one in
+# java/org/apache/catalina/valves/LocalStrings.properties
sc.100=Continue
sc.101=Switching Protocols
+sc.102=Processing
sc.200=OK
sc.201=Created
sc.202=Accepted
@@ -25,13 +30,16 @@ sc.204=No Content
sc.205=Reset Content
sc.206=Partial Content
sc.207=Multi-Status
+sc.208=Already Reported
+sc.226=IM Used
sc.300=Multiple Choices
sc.301=Moved Permanently
-sc.302=Moved Temporarily
+sc.302=Found
sc.303=See Other
sc.304=Not Modified
sc.305=Use Proxy
sc.307=Temporary Redirect
+sc.308=Permanent Redirect
sc.400=Bad Request
sc.401=Unauthorized
sc.402=Payment Required
@@ -53,10 +61,18 @@ sc.417=Expectation Failed
sc.422=Unprocessable Entity
sc.423=Locked
sc.424=Failed Dependency
+sc.426=Upgrade Required
+sc.428=Precondition Required
+sc.429=Too Many Requests
+sc.431=Request Header Fields Too Large
sc.500=Internal Server Error
sc.501=Not Implemented
sc.502=Bad Gateway
sc.503=Service Unavailable
sc.504=Gateway Timeout
sc.505=HTTP Version Not Supported
+sc.506=Variant Also Negotiates (Experimental)
sc.507=Insufficient Storage
+sc.508=Loop Detected
+sc.510=Not Extended
+sc.511=Network Authentication Required
\ No newline at end of file
diff --git a/java/org/apache/tomcat/util/http/res/LocalStrings_ja.properties b/java/org/apache/tomcat/util/http/res/LocalStrings_ja.properties
index 99234bc..5c944db 100644
--- a/java/org/apache/tomcat/util/http/res/LocalStrings_ja.properties
+++ b/java/org/apache/tomcat/util/http/res/LocalStrings_ja.properties
@@ -14,50 +14,6 @@
# limitations under the License.
# HttpMessages. The values in this file will be used in HTTP headers and as such
-# may only contain TEXT as defined by RFC 2616. Since Japanese language messages
-# do not meet this requirement, English text is used.
-sc.100=Continue
-sc.101=Switching Protocols
-sc.200=OK
-sc.201=Created
-sc.202=Accepted
-sc.203=Non-Authoritative Information
-sc.204=No Content
-sc.205=Reset Content
-sc.206=Partial Content
-sc.207=Multi-Status
-sc.300=Multiple Choices
-sc.301=Moved Permanently
-sc.302=Moved Temporarily
-sc.303=See Other
-sc.304=Not Modified
-sc.305=Use Proxy
-sc.307=Temporary Redirect
-sc.400=Bad Request
-sc.401=Unauthorized
-sc.402=Payment Required
-sc.403=Forbidden
-sc.404=Not Found
-sc.405=Method Not Allowed
-sc.406=Not Acceptable
-sc.407=Proxy Authentication Required
-sc.408=Request Timeout
-sc.409=Conflict
-sc.410=Gone
-sc.411=Length Required
-sc.412=Precondition Failed
-sc.413=Request Entity Too Large
-sc.414=Request-URI Too Long
-sc.415=Unsupported Media Type
-sc.416=Requested Range Not Satisfiable
-sc.417=Expectation Failed
-sc.422=Unprocessable Entity
-sc.423=Locked
-sc.424=Failed Dependency
-sc.500=Internal Server Error
-sc.501=Not Implemented
-sc.502=Bad Gateway
-sc.503=Service Unavailable
-sc.504=Gateway Timeout
-sc.505=HTTP Version Not Supported
-sc.507=Insufficient Storage
+# may only contain TEXT as defined by RFC 2616. Since Japanese language
+# messages do not meet this requirement, English text is used.
+# The English messages can be found in the default file LocalStrings.properties.
\ No newline at end of file
diff --git a/java/javax/el/ELContextEvent.java b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
similarity index 65%
copy from java/javax/el/ELContextEvent.java
copy to java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 6c5c17e..d8ac99d 100644
--- a/java/javax/el/ELContextEvent.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -5,34 +5,29 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+package org.apache.tomcat.util.net;
-package javax.el;
-
-import java.util.EventObject;
-
-/**
- *
- */
-public class ELContextEvent extends EventObject {
+public class AbstractEndpoint {
/**
- * @param source
+ * The maximum number of headers in a request that are allowed.
+ * 100 by default. A value of less than 0 means no limit.
*/
- public ELContextEvent(ELContext source) {
- super(source);
+ private int maxHeaderCount = 100; // as in Apache HTTPD server
+ public int getMaxHeaderCount() {
+ return maxHeaderCount;
}
-
- public ELContext getELContext() {
- return (ELContext) this.getSource();
+ public void setMaxHeaderCount(int maxHeaderCount) {
+ this.maxHeaderCount = maxHeaderCount;
}
}
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java
index c0fa2b8..f3288cf 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -55,7 +55,7 @@ import org.apache.tomcat.util.res.StringManager;
* @author Mladen Turk
* @author Remy Maucherat
*/
-public class AprEndpoint {
+public class AprEndpoint extends AbstractEndpoint {
// -------------------------------------------------------------- Constants
@@ -705,24 +705,52 @@ public class AprEndpoint {
if (SSLEnabled) {
// SSL protocol
- int value = SSL.SSL_PROTOCOL_ALL;
- if ("SSLv2".equalsIgnoreCase(SSLProtocol)) {
- value = SSL.SSL_PROTOCOL_SSLV2;
- } else if ("SSLv3".equalsIgnoreCase(SSLProtocol)) {
- value = SSL.SSL_PROTOCOL_SSLV3;
- } else if ("TLSv1".equalsIgnoreCase(SSLProtocol)) {
- value = SSL.SSL_PROTOCOL_TLSV1;
- } else if ("SSLv2+SSLv3".equalsIgnoreCase(SSLProtocol)) {
- value = SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3;
- } else if ("all".equalsIgnoreCase(SSLProtocol) ||
- SSLProtocol == null || SSLProtocol.length() == 0) {
- // NOOP, use the default defined above
+ int value;
+ // This branch can be removed, once the required version is at least 1.1.21.
+ if (Library.TCN_FULL_VERSION <= 1120) {
+ value = SSL.SSL_PROTOCOL_ALL;
+ if ("SSLv2".equalsIgnoreCase(SSLProtocol)) {
+ value = SSL.SSL_PROTOCOL_SSLV2;
+ } else if ("SSLv3".equalsIgnoreCase(SSLProtocol)) {
+ value = SSL.SSL_PROTOCOL_SSLV3;
+ } else if ("TLSv1".equalsIgnoreCase(SSLProtocol)) {
+ value = SSL.SSL_PROTOCOL_TLSV1;
+ } else if ("SSLv2+SSLv3".equalsIgnoreCase(SSLProtocol)) {
+ value = SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3;
+ } else if ("all".equalsIgnoreCase(SSLProtocol) ||
+ SSLProtocol == null || SSLProtocol.length() == 0) {
+ // NOOP, use the default defined above
+ } else {
+ // Protocol not recognized, fail to start as it is safer than
+ // continuing with the default which might enable more than the
+ // is required
+ throw new Exception(sm.getString(
+ "endpoint.apr.invalidSslProtocol", SSLProtocol));
+ }
} else {
- // Protocol not recognized, fail to start as it is safer than
- // continuing with the default which might enable more than the
- // is required
- throw new Exception(sm.getString(
- "endpoint.apr.invalidSslProtocol", SSLProtocol));
+ value = SSL.SSL_PROTOCOL_NONE;
+ if (SSLProtocol == null || SSLProtocol.length() == 0) {
+ value = SSL.SSL_PROTOCOL_ALL;
+ } else {
+ for (String protocol : SSLProtocol.split("\\+")) {
+ protocol = protocol.trim();
+ if ("SSLv2".equalsIgnoreCase(protocol)) {
+ value |= SSL.SSL_PROTOCOL_SSLV2;
+ } else if ("SSLv3".equalsIgnoreCase(protocol)) {
+ value |= SSL.SSL_PROTOCOL_SSLV3;
+ } else if ("TLSv1".equalsIgnoreCase(protocol)) {
+ value |= SSL.SSL_PROTOCOL_TLSV1;
+ } else if ("all".equalsIgnoreCase(protocol)) {
+ value |= SSL.SSL_PROTOCOL_ALL;
+ } else {
+ // Protocol not recognized, fail to start as it is safer than
+ // continuing with the default which might enable more than the
+ // is required
+ throw new Exception(sm.getString(
+ "endpoint.apr.invalidSslProtocol", SSLProtocol));
+ }
+ }
+ }
}
// Create SSL Context
diff --git a/java/org/apache/tomcat/util/net/JIoEndpoint.java b/java/org/apache/tomcat/util/net/JIoEndpoint.java
index 801d350..c2e6f72 100644
--- a/java/org/apache/tomcat/util/net/JIoEndpoint.java
+++ b/java/org/apache/tomcat/util/net/JIoEndpoint.java
@@ -45,7 +45,7 @@ import org.apache.tomcat.util.res.StringManager;
* @author Yoav Shapira
* @author Remy Maucherat
*/
-public class JIoEndpoint {
+public class JIoEndpoint extends AbstractEndpoint {
// -------------------------------------------------------------- Constants
diff --git a/java/org/apache/tomcat/util/net/NioEndpoint.java b/java/org/apache/tomcat/util/net/NioEndpoint.java
index 805a929..1a5c0a5 100644
--- a/java/org/apache/tomcat/util/net/NioEndpoint.java
+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java
@@ -77,7 +77,7 @@ import org.apache.tomcat.util.res.StringManager;
* @author Remy Maucherat
* @author Filip Hanik
*/
-public class NioEndpoint {
+public class NioEndpoint extends AbstractEndpoint {
// -------------------------------------------------------------- Constants
@@ -1713,8 +1713,14 @@ public class NioEndpoint {
public boolean processSendfile(SelectionKey sk, KeyAttachment attachment, boolean reg, boolean event) {
NioChannel sc = null;
try {
- //unreg(sk,attachment);//only do this if we do process send file on a separate thread
+ unreg(sk, attachment, sk.readyOps());
SendfileData sd = attachment.getSendfileData();
+
+ if (log.isTraceEnabled()) {
+ log.trace("Processing send file for: " + sd.fileName);
+ }
+
+ //setup the file channel
if ( sd.fchannel == null ) {
File f = new File(sd.fileName);
if ( !f.exists() ) {
@@ -1723,10 +1729,14 @@ public class NioEndpoint {
}
sd.fchannel = new FileInputStream(f).getChannel();
}
+
+ //configure output channel
sc = attachment.getChannel();
sc.setSendFile(true);
+ //ssl channel is slightly different
WritableByteChannel wc =(WritableByteChannel) ((sc instanceof SecureNioChannel)?sc:sc.getIOChannel());
-
+
+ //we still have data in the buffer
if (sc.getOutboundRemaining()>0) {
if (sc.flushOutbound()) {
attachment.access();
@@ -1753,15 +1763,13 @@ public class NioEndpoint {
attachment.setSendfileData(null);
try {sd.fchannel.close();}catch(Exception ignore){}
if ( sd.keepAlive ) {
- if (reg) {
- if (log.isDebugEnabled()) {
- log.debug("Connection is keep alive, registering back for OP_READ");
- }
- if (event) {
- this.add(attachment.getChannel(),SelectionKey.OP_READ);
- } else {
- reg(sk,attachment,SelectionKey.OP_READ);
- }
+ if (log.isDebugEnabled()) {
+ log.debug("Connection is keep alive, registering back for OP_READ");
+ }
+ if (event) {
+ this.add(attachment.getChannel(),SelectionKey.OP_READ);
+ } else {
+ reg(sk,attachment,SelectionKey.OP_READ);
}
} else {
if (log.isDebugEnabled()) {
@@ -1770,9 +1778,9 @@ public class NioEndpoint {
cancelledKey(sk,SocketStatus.STOP,false);
return false;
}
- } else if ( attachment.interestOps() == 0 && reg ) {
+ } else {
if (log.isDebugEnabled()) {
- log.debug("OP_WRITE for sendilfe:"+sd.fileName);
+ log.debug("OP_WRITE for sendfile:" + sd.fileName);
}
if (event) {
add(attachment.getChannel(),SelectionKey.OP_WRITE);
diff --git a/java/org/apache/tomcat/util/net/SocketProperties.java b/java/org/apache/tomcat/util/net/SocketProperties.java
index b422e2a..688414a 100644
--- a/java/org/apache/tomcat/util/net/SocketProperties.java
+++ b/java/org/apache/tomcat/util/net/SocketProperties.java
@@ -140,19 +140,19 @@ public class SocketProperties {
protected int soTrafficClass = 0x04 | 0x08 | 0x010;
/**
* Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
* Default value is 1
*/
protected int performanceConnectionTime = 1;
/**
* Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
* Default value is 0
*/
protected int performanceLatency = 0;
/**
* Performance preferences according to
- * http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
+ * http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)
* Default value is 1
*/
protected int performanceBandwidth = 1;
diff --git a/res/License.rtf b/res/License.rtf
deleted file mode 100644
index bfcc412..0000000
--- a/res/License.rtf
+++ /dev/null
@@ -1,409 +0,0 @@
-{\rtf1\ansi\deff1\adeflang1025
-{\fonttbl{\f0\froman\fprq2\fcharset0 Times New Roman;}{\f1\fswiss\fprq2\fcharset0 Arial;}{\f2\fswiss\fprq2\fcharset0 Arial;}{\f3\fnil\fprq2\fcharset0 MS Mincho;}{\f4\fnil\fprq2\fcharset0 Tahoma;}{\f5\fnil\fprq0\fcharset0 Tahoma;}}
-{\colortbl;\red0\green0\blue0;\red0\green0\blue128;\red128\green128\blue128;}
-{\stylesheet{\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057\snext1 Normal;}
-{\s2\sb240\sa120\keepn\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af4\afs28\lang255\ltrch\dbch\af3\langfe255\hich\fs28\lang2057\loch\fs28\lang2057\sbasedon1\snext3 Heading;}
-{\s3\sa120\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057\sbasedon1\snext3 Body Text;}
-{\s4\sa120\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af5\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057\sbasedon3\snext4 List;}
-{\s5\sb120\sa120\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af5\afs24\lang255\ai\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\i\loch\f1\fs24\lang2057\i\sbasedon1\snext5 caption;}
-{\s6\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af5\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057\sbasedon1\snext6 Index;}
-{\*\cs8\cf0\rtlch\af1\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057 Numbering Symbols;}
-{\*\cs9\cf2\ul\ulc0\rtlch\af1\afs24\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs24\lang2057\loch\f1\fs24\lang2057 Internet link;}
-}{\*\listtable{\list\listtemplateid1
-{\listlevel\levelnfc0\leveljc0\levelstartat1\levelfollow0{\leveltext \'02\'00.;}{\levelnumbers\'01;}\fi-360\li720}\listid1}
-{\list\listtemplateid2
-{\listlevel\levelnfc0\leveljc0\levelstartat1\levelfollow0{\leveltext \'02\'00.;}{\levelnumbers\'01;}\fi-360\li720}\listid2}
-}{\listoverridetable{\listoverride\listid1\listoverridecount0\ls0}{\listoverride\listid2\listoverridecount0\ls1}}
-
-{\info{\creatim\yr0\mo0\dy0\hr0\min0}{\revtim\yr0\mo0\dy0\hr0\min0}{\printim\yr0\mo0\dy0\hr0\min0}{\comment StarWriter}{\vern6800}}\deftab720
-{\*\pgdsctbl
-{\pgdsc0\pgdscuse195\pgwsxn12240\pghsxn15840\marglsxn1800\margrsxn1800\margtsxn1440\margbsxn1440\pgdscnxt0 Standard;}}
-{\*\pgdscno0}\paperh15840\paperw12240\margl1800\margr1800\margt1440\margb1440\sectd\sbknone\pgwsxn12240\pghsxn15840\marglsxn1800\margrsxn1800\margtsxn1440\margbsxn1440\ftnbj\ftnstart1\ftnrstcont\ftnnar\aenddoc\aftnrstcont\aftnstart1\aftnnrlc
-\pard\plain \ltrpar\s1\cf0\qc{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b Apache License}
-\par \pard\plain \ltrpar\s1\cf0\qc{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b Version 2.0, January 2004}
-\par \pard\plain \ltrpar\s1\cf0\qc{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b http://www.apache.org/licenses/}
-\par \pard\plain \ltrpar\s1\cf0\qc{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 1. Definitions.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause
-the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of author
-ship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright
- owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, i
-ncluding but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communicat
-ion that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works o
-f, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, ha
-ve made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contr
-ibution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constit
-utes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 (b) You must cause any modified files to carry prominent notices stating that You changed the files; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works
-; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain
-to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display
-generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works
- that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your us
-e, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or condi
-tions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content
-of the NOTICE file.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,
- including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any
- risks associated with Your exercise of permissions under this License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contribu
-tor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for lo
-ss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi-180\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent wit
-h this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liab
-ility incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 END OF TERMS AND CONDITIONS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 APPENDIX: How to apply the Apache License to your work.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comme
-nt syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Copyright [yyyy] [name of copyright owner]}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li360\ri0\lin360\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 http://www.apache.org/licenses/LICENSE-2.0}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governi
-ng permissions and limitations under the License.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b APACHE TOMCAT SUBCOMPONENTS: }
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Apache Tomcat includes a number of subcomponents with separate copyright notices and license terms. Your use of the source code for the these subcomponents is subject to the terms and conditions of the following licenses. }
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b For the Eclipse JDT Java compiler:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Eclipse Public License - v 1.0}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 1. DEFINITIONS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contribution" means:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) in the case of each subsequent Contributor:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 i) changes to the Program, and}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 ii) additions to the Program;}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contribu
-tor's behalf. Contributions do not include additions to}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contributor" means any person or entity that distributes the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Licensed Patents" mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Program" means the Contributions distributed in accordance with this Agreement.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Recipient" means anyone who receives the Program under this Agreement, including all Contributors.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 2. GRANT OF RIGHTS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Cont
-ribution of such Contributor, if any, and such derivative works, in source code and object code form.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Con
-tributor, if any, in source code and object code form.\line This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combin
-ation to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any othe
-r entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipien
-t hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that li
-cense before distributing the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 3. REQUIREMENTS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) it complies with the terms and conditions of this Agreement; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) its license agreement:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 i) \tab effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particul
-ar purpose;}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 ii) \tab effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 iii) \tab states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 iv) \tab states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li570\ri0\lin570\rin0\fi-150\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 When the Program is made available in source code form:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) it must be made available under this Agreement; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) a copy of this Agreement must be included with each copy of the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Contributors may not remove or alter any copyright notices contained within the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 4. COMMERCIAL DISTRIBUTION}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a
- commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby ag
-rees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributo
-r to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual
-or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commerci
-al Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, th
-ose performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and
-if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 5. NO WARRANTY}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, ME
-RCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement , including
-but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 6. DISCLAIMER OF LIABILITY}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED
-AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSS
-IBILITY OF SUCH DAMAGES.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 7. GENERAL}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall
-be reformed to the minimum extent necessary to make such provision valid and enforceable.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s
-), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If al
-l Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to th
-e Program shall continue and survive.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (incl
-uding revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as
-the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was
- received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives n
-o rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose
-. Each party waives its rights to a jury trial in any resulting litigation.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b For the Windows Installer component:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\b\loch\f1\fs18\lang1033\b
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 * All NSIS source code, plug-ins, documentation, examples, header files and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 graphics, with the exception of the compression modules and where}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 otherwise noted, are licensed under the zlib/libpng license.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 * The zlib compression module for NSIS is licensed under the zlib/libpng}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 license.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 * The bzip2 compression module for NSIS is licensed under the bzip2 license.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 * The lzma compression module for NSIS is licensed under the Common Public}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch }{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 License version 1.0. }
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ai\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\i\b\loch\f1\fs18\lang1033\i\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i\b zlib/libpng license}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain {\listtext\pard\plain \li735\ri0\lin735\rin0\fi-360\fs18\lang1033\fs18\fs18 1.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls1\li735\ri0\lin735\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.}
-\par \pard\plain {\listtext\pard\plain \li735\ri0\lin735\rin0\fi-360\fs18\lang1033\fs18\fs18 2.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls1\li735\ri0\lin735\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.}
-\par \pard\plain {\listtext\pard\plain \li735\ri0\lin735\rin0\fi-360\fs18\lang1033\fs18\fs18 3.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls1\li735\ri0\lin735\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 This notice may not be removed or altered from any source distribution. }
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ai\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\i\b\loch\f1\fs18\lang1033\i\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i\b bzip2 license}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain {\listtext\pard\plain \li720\ri0\lin720\rin0\fi-360\fs18\lang1033\fs18\fs18 1.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls0\li720\ri0\lin720\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.}
-\par \pard\plain {\listtext\pard\plain \li720\ri0\lin720\rin0\fi-360\fs18\lang1033\fs18\fs18 2.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls0\li720\ri0\lin720\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.}
-\par \pard\plain {\listtext\pard\plain \li720\ri0\lin720\rin0\fi-360\fs18\lang1033\fs18\fs18 3.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls0\li720\ri0\lin720\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.}
-\par \pard\plain {\listtext\pard\plain \li720\ri0\lin720\rin0\fi-360\fs18\lang1033\fs18\fs18 4.\tab}\ilvl0 \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\ls0\li720\ri0\lin720\rin0\fi-360\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. }
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS AND ANY EXPRESS OR IMPLIED}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 OF SUCH DAMAGE.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Julian Seward, Cambridge, UK.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033{\field{\*\fldinst HYPERLINK "mailto:jseward at acm.org" }{\fldrslt \*\cs9\cf2\ul\ulc0\rtlch\ltrch\dbch\hich\loch{\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 jseward at acm.org}}}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ai\ab\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\i\b\loch\f1\fs18\lang1033\i\b {\rtlch \ltrch\loch\f1\fs18\lang1033\i\b Common Public License version 1.0}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 1. DEFINITIONS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contribution" means:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and b) in the case of each subsequent Contributor:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 i) changes to the Program, and}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 ii) additions to the Program;}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contribu
-tor's behalf. Contributions do not include additions to}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Contributor" means any person or entity that distributes the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Program" means the Contributions distributed in accordance with this Agreement.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 "Recipient" means anyone who receives the Program under this Agreement, including all Contributors.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 2. GRANT OF RIGHTS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Cont
-ribution of such Contributor, if any, and such derivative works, in source code and object code form.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Con
-tributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combin
-ation to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any othe
-r entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipien
-t hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that li
-cense before distributing the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 3. REQUIREMENTS}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) it complies with the terms and conditions of this Agreement; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) its license agreement:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particula
-r purpose;}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and}
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0\tx705{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li690\ri0\lin690\rin0\fi-285\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 iv) states that source code for the Program is available from such Contributor and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 When the Program is made available in source code form:}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 a) it must be made available under this Agreement; and}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li450\ri0\lin450\rin0\fi-270\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 b) a copy of this Agreement must be included with each copy of the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Contributors may not remove or alter any copyright notices contained within the Program.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 4. COMMERCIAL DISTRIBUTION}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a
- commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby ag
-rees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributo
-r to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual
-or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commerci
-al Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, th
-ose performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and
-if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 5. NO WARRANTY}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, ME
-RCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including b
-ut not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 6. DISCLAIMER OF LIABILITY}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED
-AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSS
-IBILITY OF SUCH DAMAGES.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 7. GENERAL}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall
-be reformed to the minimum extent necessary to make such provision valid and enforceable.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreem
-ent shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Pr
-ogram with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If al
-l Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to th
-e Program shall continue and survive.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (incl
-uding revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable se
-parate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new ve
-rsion of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectu
-al property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose
-. Each party waives its rights to a jury trial in any resulting litigation.}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Special exception for LZMA compression module}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 Igor Pavlov and Amir Szekely, the authors of the LZMA compression module for NSIS, expressly permit you to statically or dynamically link your code (or bind by name) to the files from the LZMA compression module for NSIS without subjecting your linked code
- to the terms of the Common Public license version}
-\par \pard\plain \ltrpar\s1\cf0{\*\hyphen2\hyphlead2\hyphtrail2\hyphmax0}\li180\ri0\lin180\rin0\fi0\rtlch\af1\afs18\lang255\ltrch\dbch\af1\langfe255\hich\f1\fs18\lang1033\loch\f1\fs18\lang1033 {\rtlch \ltrch\loch\f1\fs18\lang1033\i0\b0 1.0. Any modifications or additions to files from the LZMA compression module for NSIS, however, are subject to the terms of the Common Public License version 1.0. }
-\par }
\ No newline at end of file
diff --git a/res/maven/README.txt b/res/maven/README.txt
new file mode 100644
index 0000000..ecc4998
--- /dev/null
+++ b/res/maven/README.txt
@@ -0,0 +1,41 @@
+================================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+================================================================================
+
+$Id: README.txt 1353103 2012-06-23 09:46:50Z kkolinko $
+
+General preparations before any publishing:
+1 - Download Maven Ant Tasks (version 2.1.0 is known to work) and place it in
+ this directory
+2 - Generate a standard Tomcat release (see BUILDING.txt)
+3 - Copy mvn.properties.default to mvn.properties and adjust it as necessary.
+ You will need to set asf.ldap.username and you'll probably need to set
+ gpg.exec
+ The other properties should be OK. Note: you will be prompted for your
+ GPG pass-phrase and LDAP password when the script runs.
+
+To publish a snapshot do the following:
+1 - ant -f mvn-pub.xml deploy-snapshot
+ This populates
+ https://repository.apache.org/content/repositories/snapshots/org/apache/tomcat/
+
+To release do the following:
+1 - ant -f mvn-pub.xml deploy-release
+ that step creates a staging area in
+ https://repository.apache.org/index.html#stagingRepositories
+2 - check the upload and then close the repository
+3 - include the repository in the VOTE thread
+4 - in https://repository.apache.org/index.html#stagingRepositories release it
diff --git a/res/maven/annotations-api.pom b/res/maven/annotations-api.pom
index 74b33ac..7e86f6e 100644
--- a/res/maven/annotations-api.pom
+++ b/res/maven/annotations-api.pom
@@ -21,4 +21,12 @@
<artifactId>annotations-api</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Annotations Package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
\ No newline at end of file
diff --git a/res/maven/coyote.pom b/res/maven/catalina-ant.pom
similarity index 77%
copy from res/maven/coyote.pom
copy to res/maven/catalina-ant.pom
index f92498a..08ef4b1 100644
--- a/res/maven/coyote.pom
+++ b/res/maven/catalina-ant.pom
@@ -18,25 +18,27 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>coyote</artifactId>
+ <artifactId>catalina-ant</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Tomcat Connectors and HTTP parser</description>
+ <description>Tomcat Ant tasks for remote management</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>catalina</artifactId>
+ <artifactId>coyote</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>servlet-api</artifactId>
- <version>@MAVEN.DEPLOY.VERSION@</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>juli</artifactId>
+ <artifactId>catalina</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
diff --git a/res/maven/catalina-ha.pom b/res/maven/catalina-ha.pom
index d580f9d..111482d 100644
--- a/res/maven/catalina-ha.pom
+++ b/res/maven/catalina-ha.pom
@@ -21,6 +21,14 @@
<artifactId>catalina-ha</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat High Availability Implementation</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/maven/catalina.pom b/res/maven/catalina.pom
index 0c945e4..71ac898 100644
--- a/res/maven/catalina.pom
+++ b/res/maven/catalina.pom
@@ -21,6 +21,14 @@
<artifactId>catalina</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat Servlet Engine Core Classes and Standard implementations</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<!--
<dependency>
diff --git a/res/maven/coyote.pom b/res/maven/coyote.pom
index f92498a..a287e62 100644
--- a/res/maven/coyote.pom
+++ b/res/maven/coyote.pom
@@ -21,6 +21,14 @@
<artifactId>coyote</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat Connectors and HTTP parser</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/maven/dbcp.pom b/res/maven/dbcp.pom
index 287c8ec..f9ac558 100644
--- a/res/maven/dbcp.pom
+++ b/res/maven/dbcp.pom
@@ -21,4 +21,12 @@
<artifactId>dbcp</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat Database Connection Pooling package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/el-api.pom b/res/maven/el-api.pom
index d8ab540..43ab941 100644
--- a/res/maven/el-api.pom
+++ b/res/maven/el-api.pom
@@ -21,4 +21,12 @@
<artifactId>el-api</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Expression language package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/jasper-el.pom b/res/maven/jasper-el.pom
index 6301df9..1eb332f 100644
--- a/res/maven/jasper-el.pom
+++ b/res/maven/jasper-el.pom
@@ -21,6 +21,14 @@
<artifactId>jasper-el</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Jasper Expression Language Impl</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/maven/jasper.pom b/res/maven/jasper.pom
index 2e3ca20..a5776f4 100644
--- a/res/maven/jasper.pom
+++ b/res/maven/jasper.pom
@@ -21,6 +21,14 @@
<artifactId>jasper</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcats JSP Parser</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
@@ -55,7 +63,7 @@
<dependency>
<groupId>org.eclipse.jdt.core.compiler</groupId>
<artifactId>ecj</artifactId>
- <version>3.7</version>
+ <version>3.7.2</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/maven/jsp-api.pom b/res/maven/jsp-api.pom
index c8cfdd7..f202a0c 100644
--- a/res/maven/jsp-api.pom
+++ b/res/maven/jsp-api.pom
@@ -21,6 +21,14 @@
<artifactId>jsp-api</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>JSP package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/maven/juli-adapters.pom b/res/maven/juli-adapters.pom
index 97ce9b9..702f249 100644
--- a/res/maven/juli-adapters.pom
+++ b/res/maven/juli-adapters.pom
@@ -21,6 +21,14 @@
<artifactId>juli-adapters</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Adapters to plug in other logging frameworks in Tomcat</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat.extras</groupId>
diff --git a/res/maven/juli-extras.pom b/res/maven/juli-extras.pom
index 7753bc5..9c4ac15 100644
--- a/res/maven/juli-extras.pom
+++ b/res/maven/juli-extras.pom
@@ -21,4 +21,12 @@
<artifactId>juli</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Replacement for Tomcat Core Logging Package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/juli.pom b/res/maven/juli.pom
index ef197fb..de593ec 100644
--- a/res/maven/juli.pom
+++ b/res/maven/juli.pom
@@ -21,4 +21,12 @@
<artifactId>juli</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat Core Logging Package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/mvn-pub.xml b/res/maven/mvn-pub.xml
index 0f8dabe..0d00949 100644
--- a/res/maven/mvn-pub.xml
+++ b/res/maven/mvn-pub.xml
@@ -15,62 +15,42 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<project name="Tomcat 6.0" default="" basedir="." xmlns:artifact="urn:maven-artifact-ant">
-
+<project name="Tomcat 6.0 Maven Deployment" default="" basedir="."
+ xmlns:artifact="urn:maven-artifact-ant">
<!--
- Built for using Maven 2.0.4
- Two additional jar files required, please download from
- http://people.apache.org/~fhanik/tomcat/maven/
-
- -->
- <!--
- Properties required to be set:
- maven.home - full path to Maven2 installation, mvn or mvn.bat is assumed to be in ${maven.home}/bin/
- maven.bin - the script to execute for maven, would be mvn or mvn.bat
- maven.repo.url - the URL of the repository, for example scp://people.apache.org/www/people.apache.org/repo/m2-snapshot-repository
- maven.repo.repositoryId - the id of the repository, for example apache.snapshots
- maven.deploy.version - the version that the components will be deployed as, for example @MAVEN.DEPLOY.VERSION@
- tomcat.lib.path - the path to tomcat JAR files
- tomcat.bin.path - the path to tomcat's bin directory (for other JAR files)
- tomcat.pom.path - the path to the POM files
- All these can be defined by mvn.properties (and defaults are in mvn.properties.default)
-
- To do password less upload, you can modify either
- $MAVE_HOME/conf/settings.xml or ~/.m2/settings.xml and add this snippet
- <server>
- <id>apache.snapshots</id>
- <username>yourusername</username>
- <privateKey>/home/yourusername/.ssh/id_rsa</privateKey>
- <passphrase></passphrase>
- </server>
-
- To get a private key to work on Windows, I followed these steps
- 1. on a linux box execute 'ssh-keygen -t rsa'
- 2. same linux box execute 'cat id_rsa.pub >> authorized_keys' and 'cat id_rsa.pub >> authorized_keys2'
- 3. Copy id_rsa and id_rsa.pub to my windows box
- 4. Import id_rsa into puttygen
- 5. export id_rsa from puttygen to OpenSSH key
- 6. The key you exported from puttygen is the one you reference from the <privateKey> element
- 7. Manually create the %USERPROFILE%\.ssh directory
- 8. Manually add the %USERPROFILE%\.ssh\known_hosts file with the entry for the host
+ Built for using Maven Ant Tasks (version 2.1.0 is known to work)
-->
+
<property file="${basedir}/mvn.properties"/>
<property file="${basedir}/mvn.properties.default"/>
<property name="local.repo" value="${user.home}/.m2/repository"/>
-
+
<target name="init-maven">
- <typedef resource="org/apache/maven/artifact/ant/antlib.xml" uri="urn:maven-artifact-ant">
+ <typedef resource="org/apache/maven/artifact/ant/antlib.xml"
+ uri="urn:maven-artifact-ant">
<classpath>
- <pathelement location="${basedir}/maven-ant-tasks-attached-patch.jar" />
- <pathelement location="${basedir}/maven-artifact-ant-2.0.4-dep.jar" />
+ <pathelement location="${basedir}/maven-ant-tasks-2.1.0.jar" />
</classpath>
</typedef>
- <artifact:install-provider artifactId="wagon-ssh" version="1.0-beta-2"/>
+ </target>
+
+ <target name="maven-deploy-nexus" depends="init-maven">
+ <!--deploy it in nexus -->
+ <artifact:deploy file="${file}">
+ <pom file="${pom}.tmp"/>
+ <remoteRepository url="${maven.repo.url}" layout="default">
+ <authentication username="${asf.ldap.username}"
+ password="${asf.ldap.password}"/>
+ </remoteRepository>
+ <attach file="${file}.asc" type="jar.asc"/>
+ <attach file="${pom}.asc" type="pom.asc"/>
+ </artifact:deploy>
</target>
<target name="maven-deploy" depends="init-maven">
<!--cleanup-->
<delete file="${pom}.tmp"/>
+ <delete file="${pom}.asc"/>
<delete file="${file}.asc"/>
<!--replace the version in the pom-->
@@ -80,109 +60,179 @@
</filterset>
</copy>
- <!--sign the jar-->
- <exec executable="${maven.gpg.exec}" failonerror="true" inputstring="${maven.gpg.passphrase}">
+ <!--sign the jar and the pom-->
+ <exec executable="${gpg.exec}" failonerror="true"
+ inputstring="${gpg.passphrase}">
<arg value="--passphrase-fd"/>
<arg value="0"/>
<arg value="-a"/>
<arg value="-b"/>
<arg value="${file}"/>
</exec>
+ <exec executable="${gpg.exec}" failonerror="true"
+ inputstring="${gpg.passphrase}">
+ <arg value="--passphrase-fd"/>
+ <arg value="0"/>
+ <arg value="-a"/>
+ <arg value="-b"/>
+ <arg value="-o"/>
+ <arg value="${pom}.asc"/>
+ <arg value="${pom}.tmp"/>
+ </exec>
<!--deploy it-->
+ <antcall target="maven-deploy-nexus">
+ <param name="file" value="${file}"/>
+ <param name="pom" value="${pom}"/>
+ </antcall>
+
+ <delete file="${pom}.tmp"/>
+ <delete file="${pom}.asc"/>
+ <delete file="${file}.asc"/>
+ </target>
+
+ <target name="maven-deploy-nosrc" depends="init-maven">
+ <!--cleanup-->
+ <delete file="${pom}.tmp"/>
+ <delete file="${pom}.asc"/>
+ <delete file="${file}.asc"/>
+
+ <!--replace the version in the pom-->
+ <copy file="${pom}" tofile="${pom}.tmp">
+ <filterset>
+ <filter token="MAVEN.DEPLOY.VERSION" value="${maven.deploy.version}"/>
+ </filterset>
+ </copy>
+
+ <!--sign the jar and pom -->
+ <exec executable="${gpg.exec}" failonerror="true"
+ inputstring="${gpg.passphrase}">
+ <arg value="--passphrase-fd"/>
+ <arg value="0"/>
+ <arg value="-a"/>
+ <arg value="-b"/>
+ <arg value="${file}"/>
+ </exec>
+ <exec executable="${gpg.exec}" failonerror="true"
+ inputstring="${gpg.passphrase}">
+ <arg value="--passphrase-fd"/>
+ <arg value="0"/>
+ <arg value="-a"/>
+ <arg value="-b"/>
+ <arg value="-o"/>
+ <arg value="${pom}.asc"/>
+ <arg value="${pom}.tmp"/>
+ </exec>
+
+ <!--deploy it-->
<artifact:deploy file="${file}">
- <pom file="${pom}.tmp"/>
- <remoteRepository url="${maven.repo.url}" layout="default">
- <authentication username="${maven.scp.username}" privateKey="${maven.scp.privateKey}" passphrase="${maven.scp.passphrase}"/>
- </remoteRepository>
- <attach file="${file}.asc" type="jar.asc"/>
+ <pom file="${pom}.tmp"/>
+ <remoteRepository url="${maven.repo.url}" layout="default" >
+ <authentication username="${asf.ldap.username}"
+ password="${asf.ldap.password}"/>
+ </remoteRepository>
+ <attach file="${file}.asc" type="jar.asc"/>
+ <attach file="${pom}.asc" type="pom.asc"/>
</artifact:deploy>
- <!--
- <exec executable="${maven.home}/bin/${maven.bin}" failonerror="true">
- <env key="MAVEN_HOME" value="${maven.home}"/>
- <arg value="deploy:deploy-file"/>
- <arg value="-Dfile=${file}"/>
- <arg value="-DgroupId=${groupId}"/>
- <arg value="-DartifactId=${artifactId}"/>
- <arg value="-Dversion=${maven.deploy.version}"/>
- <arg value="-Dpackaging=jar"/>
- <arg value="-DgeneratePom=false"/>
- <arg value="-DrepositoryId=${maven.repo.repositoryId}"/>
- <arg value="-Durl=${maven.repo.url}"/>
- <arg value="-DpomFile=${pom}.tmp"/>
- </exec>
- -->
<delete file="${pom}.tmp"/>
+ <delete file="${pom}.asc"/>
<delete file="${file}.asc"/>
</target>
-
- <macrodef name="doMavenDeploy">
+
+ <macrodef name="doMavenDeployNoSrc">
<attribute name="artifactId"/>
- <attribute name="jarFileName" default="@{artifactId}.jar" description="only need to be specified if not same as artifactId"/>
+ <attribute name="jarFileName" default="@{artifactId}.jar" />
+ <attribute name="groupId" default="org.apache.tomcat" />
+ <attribute name="file" default="${tomcat.lib.path}/@{jarFileName}" />
+ <attribute name="pom" default="@{artifactId}.pom" />
<sequential>
- <antcall target="maven-deploy">
- <param name="file" value="${tomcat.lib.path}/@{jarFileName}"/>
- <param name="groupId" value="org.apache.tomcat"/>
+ <antcall target="maven-deploy-nosrc">
+ <param name="file" value="@{file}"/>
+ <param name="groupId" value="@{groupId}"/>
<param name="artifactId" value="@{artifactId}"/>
- <param name="pom" value="${tomcat.pom.path}/@{artifactId}.pom"/>
+ <param name="pom" value="${tomcat.pom.path}/@{pom}"/>
</antcall>
</sequential>
</macrodef>
- <target name="generic-deploy" depends="init-maven">
- <doMavenDeploy artifactId="annotations-api"/> <!--Deploy annotations-->
- <doMavenDeploy artifactId="servlet-api"/> <!--Deploy Servlet api-->
- <doMavenDeploy artifactId="el-api"/> <!--Deploy expression lanaguage api-->
- <doMavenDeploy artifactId="jsp-api"/> <!--Deploy JSP api-->
- <doMavenDeploy artifactId="juli" jarFileName="tomcat-juli.jar"/> <!--Deploy JULI-->
- <doMavenDeploy artifactId="tribes" jarFileName="catalina-tribes.jar"/> <!--Deploy Tribes-->
- <doMavenDeploy artifactId="jasper-el"/> <!--Deploy Jasper EL-->
- <doMavenDeploy artifactId="coyote" jarFileName="tomcat-coyote.jar"/> <!--Deploy Coyote-->
- <doMavenDeploy artifactId="catalina"/> <!--Deploy Catalina-->
- <doMavenDeploy artifactId="catalina-ha"/> <!--Deploy Catalina-HA-->
- <doMavenDeploy artifactId="jasper"/> <!--Deploy Jasper -->
- <doMavenDeploy artifactId="dbcp" jarFileName="tomcat-dbcp.jar"/> <!--Deploy DBCP-->
- <antcall target="maven-deploy"><!--Deploy Extras Juli-->
- <param name="file" value="${tomcat.extras.path}/tomcat-juli.jar"/>
- <param name="groupId" value="org.apache.tomcat.extras"/>
- <param name="artifactId" value="juli"/>
- <param name="pom" value="${tomcat.pom.path}/juli-extras.pom"/>
- </antcall>
- <antcall target="maven-deploy"><!--Deploy Extras Juli Adapters-->
- <param name="file" value="${tomcat.extras.path}/tomcat-juli-adapters.jar"/>
- <param name="groupId" value="org.apache.tomcat.extras"/>
- <param name="artifactId" value="juli-adapters"/>
- <param name="pom" value="${tomcat.pom.path}/juli-adapters.pom"/>
- </antcall>
+ <target name="generic-deploy" depends="init-maven,init-gpg,init-ldap">
+ <!-- Standard jars in bin directory -->
+ <doMavenDeployNoSrc artifactId="juli"
+ file="${tomcat.bin.path}/tomcat-juli.jar"/>
+
+ <!-- Standard jars in lib directory -->
+ <doMavenDeployNoSrc artifactId="annotations-api"/>
+ <doMavenDeployNoSrc artifactId="catalina"/>
+ <doMavenDeployNoSrc artifactId="catalina-ant"/>
+ <doMavenDeployNoSrc artifactId="catalina-ha"/>
+
+ <doMavenDeployNoSrc artifactId="tribes"
+ jarFileName="catalina-tribes.jar"/>
+
+ <doMavenDeployNoSrc artifactId="el-api"/>
+ <doMavenDeployNoSrc artifactId="jasper"/>
+ <doMavenDeployNoSrc artifactId="jasper-el"/>
+ <doMavenDeployNoSrc artifactId="jsp-api"/>
+ <doMavenDeployNoSrc artifactId="servlet-api"/>
+
+ <doMavenDeployNoSrc artifactId="coyote"
+ jarFileName="tomcat-coyote.jar"/>
+
+ <doMavenDeployNoSrc artifactId="dbcp"
+ jarFileName="tomcat-dbcp.jar"/>
+
+ <doMavenDeployNoSrc artifactId="tomcat-i18n-es"/>
+ <doMavenDeployNoSrc artifactId="tomcat-i18n-fr"/>
+ <doMavenDeployNoSrc artifactId="tomcat-i18n-ja"/>
+
+ <!-- Extras jars -->
+ <doMavenDeployNoSrc artifactId="juli"
+ pom="juli-extras.pom"
+ groupId="org.apache.tomcat.extras"
+ file="${tomcat.extras.path}/tomcat-juli.jar" />
+ <doMavenDeployNoSrc artifactId="juli-adapters"
+ groupId="org.apache.tomcat.extras"
+ file="${tomcat.extras.path}/tomcat-juli-adapters.jar" />
+ <doMavenDeployNoSrc artifactId="tomcat-catalina-jmx-remote"
+ groupId="org.apache.tomcat"
+ file="${tomcat.extras.path}/catalina-jmx-remote.jar" />
+ <doMavenDeployNoSrc artifactId="tomcat-catalina-ws"
+ groupId="org.apache.tomcat"
+ file="${tomcat.extras.path}/catalina-ws.jar" />
+
</target>
<target name="deploy-snapshot">
<antcall target="generic-deploy">
- <param name="maven.repo.repositoryId" value="${maven.snapshot.repo.repositoryId}"/>
+ <param name="maven.repo.repositoryId"
+ value="${maven.snapshot.repo.repositoryId}"/>
<param name="maven.repo.url" value="${maven.snapshot.repo.url}"/>
- <param name="maven.deploy.version" value="${maven.snapshot.deploy.version}"/>
- </antcall>
- </target>
-
- <target name="deploy-staging">
- <antcall target="generic-deploy">
- <param name="maven.repo.repositoryId" value="${maven.release.repo.repositoryId}"/>
- <param name="maven.repo.url" value="${maven.release.repo.url}"/>
- <param name="maven.deploy.version" value="${maven.release.deploy.version}"/>
+ <param name="maven.deploy.version" value="6.0-SNAPSHOT"/>
</antcall>
</target>
<target name="deploy-release">
<antcall target="generic-deploy">
- <param name="maven.repo.repositoryId" value="${maven.asf.release.repo.repositoryId}"/>
+ <param name="maven.repo.repositoryId"
+ value="${maven.asf.release.repo.repositoryId}"/>
<param name="maven.repo.url" value="${maven.asf.release.repo.url}"/>
- <param name="maven.deploy.version" value="${maven.asf.release.deploy.version}"/>
+ <param name="maven.deploy.version"
+ value="${maven.asf.release.deploy.version}"/>
</antcall>
</target>
-
- <target name="help">
- <echo>Help is on the way!</echo>
+
+ <target name="init-gpg">
+ <input message="Enter GPG pass-phrase" addproperty="gpg.passphrase" >
+ <handler type="secure"/>
+ </input>
+ </target>
+
+ <target name="init-ldap">
+ <input message="Enter ASF LDAP (same svn) password"
+ addproperty="asf.ldap.password" >
+ <handler type="secure"/>
+ </input>
</target>
</project>
diff --git a/res/maven/mvn.properties.default b/res/maven/mvn.properties.default
index d778eb7..59b0c83 100644
--- a/res/maven/mvn.properties.default
+++ b/res/maven/mvn.properties.default
@@ -12,47 +12,34 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
+#
# To create custom properties, simply create
# the file mvn.properties
# in this directory
# no need to change this file
#
-#Tomcat version
-tomcat.version=6.0.20
-
-#Maven properties
-maven.scp.username=fhanik
-maven.scp.privateKey=${user.home}/.ssh/id_dsa
-maven.scp.passphrase=
-maven.gpg.exec=/opt/csw/bin/gpg
-maven.gpg.passphrase=*****
-
+# Authentication
+# Note: You will be prompted for your GPG passphrase and LDAP password when
+# running this script
+asf.ldap.username=<!-- YOUR APACHE LDAP USERNAME -->
+gpg.exec=C:/software/GNU/GnuPG/gpg.exe
-maven.home=/software/apache-maven-2.0.9
-#Define mvn for Unix systems and mvn.bat for Windows as ANT exec requires the full name
-maven.bin=mvn
-
-#Maven snapshot properties
-maven.snapshot.repo.url=scp://people.apache.org/www/people.apache.org/repo/m2-snapshot-repository
+# ASF Snapshot Repository (hosted on Nexus)
+maven.snapshot.repo.url=https://repository.apache.org/content/repositories/snapshots
maven.snapshot.repo.repositoryId=apache.snapshots
-maven.snapshot.deploy.version=${tomcat.version}-SNAPSHOT
-
-#Maven release properties for Tomcat staging
-maven.release.repo.url=scp://people.apache.org/www/tomcat.apache.org/dev/dist/m2-repository
-maven.release.repo.repositoryId=tomcat-staging
-maven.release.deploy.version=${tomcat.version}
-#Maven release properties for the main ASF repo
-maven.asf.release.repo.url=scp://people.apache.org/www/people.apache.org/repo/m2-ibiblio-rsync-repository
+# ASF Release Repository (hosted on Nexus)
+# Note: Also used for staging releases prior to voting
+maven.asf.release.repo.url=https://repository.apache.org/service/local/staging/deploy/maven2
maven.asf.release.repo.repositoryId=apache.releases
-maven.asf.release.deploy.version=${tomcat.version}
+# Release version info
+maven.asf.release.deploy.version=6.0.36
#Where do we load the libraries from
-tomcat.lib.path=/tmp/pool/apache-tomcat-6.0.20/lib
-tomcat.bin.path=/tmp/pool/apache-tomcat-6.0.20/bin
+tomcat.lib.path=../../output/build/lib
+tomcat.bin.path=../../output/build/bin
tomcat.extras.path=../../output/extras
#Where do we find the POM files
diff --git a/res/maven/servlet-api.pom b/res/maven/servlet-api.pom
index 5ac3193..35d29ec 100644
--- a/res/maven/servlet-api.pom
+++ b/res/maven/servlet-api.pom
@@ -21,4 +21,12 @@
<artifactId>servlet-api</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>javax.servlet package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/catalina.pom b/res/maven/tomcat-catalina-jmx-remote.pom
similarity index 74%
copy from res/maven/catalina.pom
copy to res/maven/tomcat-catalina-jmx-remote.pom
index 0c945e4..f01f3b0 100644
--- a/res/maven/catalina.pom
+++ b/res/maven/tomcat-catalina-jmx-remote.pom
@@ -18,33 +18,33 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>catalina</artifactId>
+ <artifactId>tomcat-catalina-jmx-remote</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Tomcat Servlet Engine Core Classes and Standard implementations</description>
+ <description>Tomcat Remote JMX listener</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
- <!--
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>coyote</artifactId>
+ <artifactId>tomcat-coyote</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
- -->
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>servlet-api</artifactId>
+ <artifactId>tomcat-catalina</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>juli</artifactId>
- <version>@MAVEN.DEPLOY.VERSION@</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>annotations-api</artifactId>
+ <artifactId>tomcat-juli</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
diff --git a/res/maven/jasper-el.pom b/res/maven/tomcat-catalina-ws.pom
similarity index 74%
copy from res/maven/jasper-el.pom
copy to res/maven/tomcat-catalina-ws.pom
index 6301df9..c020737 100644
--- a/res/maven/jasper-el.pom
+++ b/res/maven/tomcat-catalina-ws.pom
@@ -18,16 +18,23 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>jasper-el</artifactId>
+ <artifactId>tomcat-catalina-ws</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Jasper Expression Language Impl</description>
+ <description>Tomcat JNDI Factory for Web Services</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
- <artifactId>el-api</artifactId>
+ <artifactId>tomcat-catalina</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<scope>compile</scope>
</dependency>
</dependencies>
</project>
-
diff --git a/res/maven/juli.pom b/res/maven/tomcat-i18n-es.pom
similarity index 74%
copy from res/maven/juli.pom
copy to res/maven/tomcat-i18n-es.pom
index ef197fb..390930a 100644
--- a/res/maven/juli.pom
+++ b/res/maven/tomcat-i18n-es.pom
@@ -18,7 +18,15 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>juli</artifactId>
+ <artifactId>tomcat-i18n-es</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Tomcat Core Logging Package</description>
+ <description>Spanish translations</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/juli.pom b/res/maven/tomcat-i18n-fr.pom
similarity index 74%
copy from res/maven/juli.pom
copy to res/maven/tomcat-i18n-fr.pom
index ef197fb..c2e8dfb 100644
--- a/res/maven/juli.pom
+++ b/res/maven/tomcat-i18n-fr.pom
@@ -18,7 +18,15 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>juli</artifactId>
+ <artifactId>tomcat-i18n-fr</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Tomcat Core Logging Package</description>
+ <description>French translations</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/juli.pom b/res/maven/tomcat-i18n-ja.pom
similarity index 74%
copy from res/maven/juli.pom
copy to res/maven/tomcat-i18n-ja.pom
index ef197fb..9ffd970 100644
--- a/res/maven/juli.pom
+++ b/res/maven/tomcat-i18n-ja.pom
@@ -18,7 +18,15 @@
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.tomcat</groupId>
- <artifactId>juli</artifactId>
+ <artifactId>tomcat-i18n-ja</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
- <description>Tomcat Core Logging Package</description>
+ <description>Japanese translations</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
</project>
diff --git a/res/maven/tribes.pom b/res/maven/tribes.pom
index b23c2d8..7e77a82 100644
--- a/res/maven/tribes.pom
+++ b/res/maven/tribes.pom
@@ -21,6 +21,14 @@
<artifactId>tribes</artifactId>
<version>@MAVEN.DEPLOY.VERSION@</version>
<description>Tomcat Group Communication Package</description>
+ <url>http://tomcat.apache.org/</url>
+ <licenses>
+ <license>
+ <name>Apache License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
diff --git a/res/tomcat.nsi b/res/tomcat.nsi
index a46c3b3..b3d297f 100644
--- a/res/tomcat.nsi
+++ b/res/tomcat.nsi
@@ -14,7 +14,7 @@
; limitations under the License.
; Tomcat script for Nullsoft Installer
-; $Id: tomcat.nsi 1195442 2011-10-31 13:09:17Z markt $
+; $Id: tomcat.nsi 1343051 2012-05-27 14:00:45Z kkolinko $
;Compression options
CRCCheck on
@@ -117,6 +117,7 @@ Var ServiceInstallLog
;Install Page order
!insertmacro MUI_PAGE_WELCOME
+ ; Show file named "INSTALLLICENSE"
!insertmacro MUI_PAGE_LICENSE INSTALLLICENSE
; Use custom onLeave function with COMPONENTS page
!define MUI_PAGE_CUSTOMFUNCTION_LEAVE pageComponentsLeave
@@ -133,9 +134,6 @@ Var ServiceInstallLog
!insertmacro MUI_UNPAGE_CONFIRM
!insertmacro MUI_UNPAGE_INSTFILES
- ;License dialog
- LicenseData License.rtf
-
;Component-selection page
;Descriptions
LangString DESC_SecTomcat ${LANG_ENGLISH} "Install the Tomcat Servlet container as a Windows service."
diff --git a/test/org/apache/el/lang/TestELSupport.java b/test/org/apache/el/lang/TestELSupport.java
index 4be0908..c5fd269 100644
--- a/test/org/apache/el/lang/TestELSupport.java
+++ b/test/org/apache/el/lang/TestELSupport.java
@@ -24,6 +24,10 @@ import javax.el.ELException;
import junit.framework.TestCase;
public class TestELSupport extends TestCase {
+ public void testEquals() {
+ assertTrue(ELSupport.equals("01", Long.valueOf(1)));
+ }
+
public void testBigDecimal() {
testIsSame(new BigDecimal(
"0.123456789012345678901234567890123456789012345678901234567890123456789"));
diff --git a/webapps/ROOT/index.html b/webapps/ROOT/index.html
index adc5abc..91aece5 100644
--- a/webapps/ROOT/index.html
+++ b/webapps/ROOT/index.html
@@ -146,7 +146,6 @@
<a href="http://tomcat.apache.org/">Home Page</a><br/>
<a href="http://tomcat.apache.org/faq/">FAQ</a><br/>
<a href="http://tomcat.apache.org/bugreport.html">Bug Database</a><br/>
- <a href="http://issues.apache.org/bugzilla/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=RESOLVED&resolution=LATER&resolution=REMIND&resolution=---&bugidtype=include&product=Tomcat+6&cmdtype=doit&order=Importance">Open Bugs</a><br/>
<a href="http://mail-archives.apache.org/mod_mbox/tomcat-users/">Users Mailing List</a><br/>
<a href="http://mail-archives.apache.org/mod_mbox/tomcat-dev/">Developers Mailing List</a><br/>
<a href="irc://irc.freenode.net/#tomcat">IRC</a><br/>
@@ -184,7 +183,7 @@
<p>where "$CATALINA_HOME" is the root of the Tomcat installation directory. If you're seeing this page, and you don't think you should be, then you're either a user who has arrived at new installation of Tomcat, or you're an administrator who hasn't got his/her setup quite right. Providing the latter is the case, please refer to the <a href="/docs">Tomcat Documentation</a> for more detailed setup and administration information than is found in the INSTALL file.</p>
<p><b>NOTE: For security reasons, using the manager webapp
- is restricted to users with role "manager".</b>
+ is restricted to users with certain roles such as "manager-gui".</b>
Users are defined in <code>$CATALINA_HOME/conf/tomcat-users.xml</code>.</p>
<p>Included with this release are a host of sample Servlets and JSPs (with associated source code), extensive documentation, and an introductory guide to developing web applications.</p>
diff --git a/webapps/ROOT/index.jsp b/webapps/ROOT/index.jsp
index 1a21cf7..87186e4 100644
--- a/webapps/ROOT/index.jsp
+++ b/webapps/ROOT/index.jsp
@@ -148,7 +148,6 @@
<a href="http://tomcat.apache.org/">Home Page</a><br/>
<a href="http://tomcat.apache.org/faq/">FAQ</a><br/>
<a href="http://tomcat.apache.org/bugreport.html">Bug Database</a><br/>
- <a href="http://issues.apache.org/bugzilla/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=RESOLVED&resolution=LATER&resolution=REMIND&resolution=---&bugidtype=include&product=Tomcat+5&cmdtype=doit&order=Importance">Open Bugs</a><br/>
<a href="http://mail-archives.apache.org/mod_mbox/tomcat-users/">Users Mailing List</a><br/>
<a href="http://mail-archives.apache.org/mod_mbox/tomcat-dev/">Developers Mailing List</a><br/>
<a href="irc://irc.freenode.net/#tomcat">IRC</a><br/>
@@ -199,7 +198,7 @@
<p>where "$CATALINA_HOME" is the root of the Tomcat installation directory. If you're seeing this page, and you don't think you should be, then you're either a user who has arrived at new installation of Tomcat, or you're an administrator who hasn't got his/her setup quite right. Providing the latter is the case, please refer to the <a href="docs">Tomcat Documentation</a> for more detailed setup and administration information than is found in the INSTALL file.</p>
<p><b>NOTE: For security reasons, using the manager webapp
- is restricted to users with role "manager".</b>
+ is restricted to users with certain roles such as "manager-gui".</b>
Users are defined in <code>$CATALINA_HOME/conf/tomcat-users.xml</code>.</p>
<p>Included with this release are a host of sample Servlets and JSPs (with associated source code), extensive documentation, and an introductory guide to developing web applications.</p>
diff --git a/webapps/docs/apr.xml b/webapps/docs/apr.xml
index db22dd8..9477519 100644
--- a/webapps/docs/apr.xml
+++ b/webapps/docs/apr.xml
@@ -243,8 +243,13 @@
</attribute>
<attribute name="SSLProtocol" required="false">
<p>
- Protocol which may be used for communicating with clients. The default is "all", with
- other acceptable values being "SSLv2", "SSLv3", "TLSv1", and "SSLv2+SSLv3".
+ Protocol which may be used for communicating with clients. The default
+ value is <code>all</code>, with other acceptable values being <code>SSLv2</code>,
+ <code>SSLv3</code>, <code>TLSv1</code> and <code>SSLv2+SSLv3</code>.
+ Starting with version 1.1.21 of the Tomcat native
+ library any combination of the three protocols concatenated with a
+ plus sign will be supported. Note that the protocol <code>SSLv2</code>
+ is inherently unsafe.
</p>
</attribute>
<attribute name="SSLCipherSuite" required="false">
diff --git a/webapps/docs/building.xml b/webapps/docs/building.xml
index 6c24c8b..2965d64 100644
--- a/webapps/docs/building.xml
+++ b/webapps/docs/building.xml
@@ -42,10 +42,11 @@ Tomcat. The following is a step by step TODO list.
</section>
-<section name="Download a Java Development Kit (JDK) release (version 1.5.x or later)">
+<section name="Download a Java Development Kit (JDK) release (version 5)">
<p>
-The Sun JDK can be downloaded <a href="http://java.sun.com/j2se/">here</a>.
+The JDK can be downloaded following the "Previous Releases" link from
+<a href="http://www.oracle.com/technetwork/java/javase/downloads/index.html">here</a>.
</p>
<p>
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index fbe9bc1..8cbeeb1 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -41,9 +41,421 @@
<body>
<!-- Section names:
- General, Catalina, Coyote, Jasper, Cluster, Webapps, Other
+ General, Catalina, Coyote, Jasper, Cluster, Web applications, Other
-->
-<section name="Tomcat 6.0.35 (jfclere)">
+<section name="Tomcat 6.0.36 (jfclere)" rtext="">
+ <subsection name="Catalina">
+ <changelog>
+ <update>
+ <bug>48692</bug>: Provide option to parse
+ <code>application/x-www-form-urlencoded</code> PUT requests. (schultz)
+ </update>
+ <add>
+ <bug>50306</bug>: New StuckThreadDetectionValve to detect requests that
+ take a long time to process, which might indicate that their processing
+ threads are stuck. Based on a patch provided by TomLu. (kkolinko)
+ </add>
+ <fix>
+ <bug>50570</bug>: Enable FIPS mode to be set in AprLifecycleListener.
+ Based upon a patch from Chris Beckey. Note that this mode requires
+ tomcat-native 1.1.23 or later linked to a FIPS-capable OpenSSL library,
+ which one has to build by themselves. (schultz/kkolinko)
+ </fix>
+ <fix>
+ Improve synchronization and error handling in AprLifecycleListener.
+ Do not allow to change SSL options if SSL has already been initialized.
+ (schultz/kkolinko)
+ </fix>
+ <fix>
+ <bug>52225</bug>: Fix ClassCastException when adding an alias for an
+ existing host via JMX. (kkolinko)
+ </fix>
+ <fix>
+ <bug>52293</bug>: Correctly handle the case when
+ <code>antiResourceLocking</code> is enabled at the Context level when
+ <code>unpackWARs</code> is disabled at the Host level. Correctly
+ handle multi-level contexts when <code>antiResourceLocking</code>
+ is enabled. Patch by Justin Miller. (kkolinko)
+ </fix>
+ <fix>
+ Do not throw IllegalArgumentException from parseParameters() call
+ when chunked POST request is too large, but treat it like an IO error.
+ The <code>FailedRequestFilter</code> filter can be used to detect this
+ condition. (kkolinko)
+ </fix>
+ <fix>
+ <bug>52384</bug>: Do not fail with parameter parsing when debug logging
+ is enabled. (kkolinko)
+ </fix>
+ <fix>
+ Do not flag extra '&' characters in parameters as parse errors.
+ (kkolinko)
+ </fix>
+ <fix>
+ <bug>52488</bug>: Correct typos: exipre -> expire. Based on a patch by
+ prockter. (markt)
+ </fix>
+ <fix>
+ Reduce log level for the message about hitting
+ <code>maxParameterCount</code> limit from WARN to INFO.
+ Fix limit comparison to allow exactly <code>maxParameterCount</code>
+ parameters, as documentation says, instead of
+ <code>(maxParameterCount-1)</code>. (kkolinko)
+ </fix>
+ <fix>
+ Slightly improve performance of UDecoder.convert(). Align
+ <code>%2f</code> handling between implementations. (kkolinko)
+ </fix>
+ <add>
+ Add <code>denyStatus</code> attribute to <code>RequestFilterValve</code>
+ (<code>RemoteAddrValve</code>, <code>RemoteHostValve</code> valves).
+ It allows to use different HTTP response code when rejecting denied
+ request. E.g. 404 instead of 403. (kkolinko)
+ </add>
+ <add>
+ Add <code>SetCharacterEncodingFilter</code> (similar to the one
+ contained in the examples web application) to the
+ <code>org.apache.catalina.filters</code> package so that it is
+ available for all web applications. (kkolinko)
+ </add>
+ <add>
+ <bug>52500</bug>: Added configurable mechanism to retrieve user names
+ from X509 client certificates. Based on a patch provided by
+ Michael Furman. (schultz/kkolinko)
+ </add>
+ <fix>
+ <bug>52719</bug>: Fix a theoretical resource leak in the JAR validation
+ that checks for non-permitted classes in web application JARs. (markt)
+ </fix>
+ <fix>
+ <bug>52830</bug>: Correct JNDI lookups when using
+ <code>javax.naming.Name</code> to identify the resource rather than a
+ <code>java.lang.String</code>. (markt)
+ </fix>
+ <add>
+ <bug>52850</bug>: Extend memory leak prevention and detection code to
+ work with IBM as well as Oracle JVMs. Based on a patch provided by
+ Rohit Kelapure. (kkolinko)
+ </add>
+ <add>
+ <bug>52996</bug>: In <code>StandardThreadExecutor</code>:
+ Add the ability to configure a job queue size
+ (<code>maxQueueSize</code> attribute).
+ Add a variant of execute method that allows to specify a timeout for
+ how long we want to try to add something to the queue.
+ Based on a patch by Rüdiger Plüm. (kkolinko)
+ </add>
+ <fix>
+ <bug>53047</bug>: If a JDBCRealm or DataSourceRealm is configured for
+ an all roles mode that only requires authorization (and no roles) and no
+ role table or column is defined, don't populate the Principal's roles.
+ (markt/kkolinko)
+ </fix>
+ <fix>
+ <bug>53050</bug>: Fix handling of entropy value when initializing
+ session id generator in session manager. Based on proposal by
+ Andras Rozsa. (kkolinko)
+ </fix>
+ <fix>
+ <bug>53056</bug>: Add APR version number to tcnative version INFO log
+ message. (schultz)
+ </fix>
+ <fix>
+ <bug>53057</bug>: Add OpenSSL version number INFO log message when
+ initializing. (schultz)
+ </fix>
+ <fix>
+ <bug>53071</bug>: Use the message from the Throwable for the error
+ report generated by the <code>ErrorReportValve</code> if none was
+ specified via <code>sendError()</code>. Use the standard text for HTTP
+ error codes. (markt/rjung)
+ </fix>
+ <update>
+ <bug>53230</bug>: Change session managers to throw
+ TooManyActiveSessionsException instead of IllegalStateException
+ when the maximum number of sessions has been exceeded and a new
+ session will not be created. (schultz/kkolinko)
+ </update>
+ <fix>
+ <bug>53267</bug>: Ensure that using the GC Daemon Protection feature of
+ the <code>JreMemoryLeakPreventionListener</code> does not trigger a
+ full GC every hour. (markt/kkolinko)
+ </fix>
+ <fix>
+ <bug>53531</bug>: Fix ExpandWar.expand to check the return value of
+ File.mkdir and File.mkdirs. (schultz)
+ </fix>
+ <fix>
+ Make the CSRF nonce cache in <code>CsrfPreventionFilter</code>
+ serializable so that it can be replicated across a cluster and/or
+ persisted across Tomcat restarts. (markt)
+ </fix>
+ <fix>
+ <bug>53584</bug>: Ignore path parameters when comparing URIs for FORM
+ authentication. This prevents users being prompted twice for passwords
+ when logging in when session IDs are being encoded as path parameters.
+ (markt)
+ </fix>
+ <fix>
+ Various improvements to the DIGEST authenticator including
+ <bug>52954</bug>, the disabling caching of an authenticated user in the
+ session by default, tracking server rather than client nonces and better
+ handling of stale nonce values. (markt)
+ </fix>
+ <fix>
+ Remove unneeded handling of FORM authentication in RealmBase. (kkolinko)
+ </fix>
+ <fix>
+ <bug>53800</bug>: <code>FileDirContext.list()</code> did not provide
+ correct paths for subdirectories. Patch provided by Kevin Wooten.
+ (kkolinko)
+ </fix>
+ <fix>
+ <bug>53830</bug>: Better handling of <code>Manager.randomFile</code>
+ default value on Windows. (kkolinko)
+ </fix>
+ <fix>
+ Improve session management in CsrfPreventionFilter. (kkolinko)
+ </fix>
+ </changelog>
+ </subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ <bug>42181</bug>: Better handling of edge conditions in chunk header
+ processing. (kkolinko)
+ </fix>
+ <update>
+ <bug>51477</bug>: Support all SSL protocol combinations in the APR/native
+ connector. This only works when using the native library version 1.1.21
+ or later. (rjung)
+ </update>
+ <fix>
+ <bug>52055</bug> (comment 14): Correctly reset
+ <code>ChunkedInputFilter.needCRLFParse</code> flag when the filter
+ is recycled. (kkolinko)
+ </fix>
+ <fix>
+ <bug>52606</bug>: Ensure replayed POST bodies are available when using
+ AJP. (markt)
+ </fix>
+ <fix>
+ <bug>52858</bug>: Fix high CPU load with SSL, NIO and sendfile when
+ client breaks the connection before reading all the requested data.
+ (fhanik/kkolinko)
+ </fix>
+ <fix>
+ <bug>53119</bug>: Prevent buffer overflow errors being reported when a
+ client disconnects before the response has been fully written from an
+ AJP connection using the APR/native connector. (kkolinko)
+ </fix>
+ <fix>
+ Improve <code>InternalNioInputBuffer.parseHeaders()</code>. (kkolinko)
+ </fix>
+ <add>
+ Implement <code>maxHeaderCount</code> attribute on Connector.
+ It is equivalent of LimitRequestFields directive of
+ <a href="http://httpd.apache.org/">Apache HTTPD</a>.
+ Default value is 100. (kkolinko)
+ </add>
+ <fix>
+ In JkCoyoteHandler connector for AJP/1.3 protocol
+ (in <code>JkMain.setProperty()</code>):
+ Fix setting of properties when connector has already started for
+ properties that have aliases. E.g. it now allows to change
+ <code>maxHeaderCount</code> attribute on Connector MBean via JMX.
+ (kkolinko)
+ </fix>
+ <fix>
+ <bug>53725</bug>: Fix possible corruption of GZIP'd output. (kkolinko)
+ </fix>
+ </changelog>
+ </subsection>
+ <subsection name="Jasper">
+ <changelog>
+ <fix>
+ <bug>48097</bug> (comment 7), <bug>53366</bug> (comment 1):
+ If JSP page unexpectedly fails to initialize PageContext instance,
+ write exception to the logs instead of silent swallowing. (kkolinko)
+ </fix>
+ <fix>
+ <bug>52335</bug>: Only handle <code><\%</code> and not
+ <code>\%</code> as escaped in template text. (markt)
+ </fix>
+ <fix>
+ <bug>52666</bug>: Correct coercion order in EL when processing the
+ equality and inequality operators. (markt)
+ </fix>
+ <fix>
+ <bug>53001</bug>: Revert the fix for <bug>46915</bug> since the use case
+ described in the bug is invalid since it breaks the EL specification.
+ (markt)
+ </fix>
+ <fix>
+ <bug>53032</bug>: Modify <code>JspC</code> so it extends
+ <code>org.apache.tools.ant.Task</code> enabling it to work with features
+ such as namespaces within build.xml files. (markt)
+ </fix>
+ </changelog>
+ </subsection>
+ <subsection name="Cluster">
+ <changelog>
+ <fix>
+ Replicate principal in ClusterSingleSignOn. (kfujino)
+ </fix>
+ <fix>
+ <bug>53513</bug>: Fix race condition between the processing of session
+ sync message and transfer complete message. (kfujino)
+ </fix>
+ <fix>
+ <bug>53606</bug>: Fix potential NPE in <code>TcpPingInterceptor</code>.
+ Based on a patch by F. Arnoud. (markt)
+ </fix>
+ <fix>
+ <bug>53607</bug>: To avoid NPE, set TCP PING data to ChannelMessage.
+ Patch provided by F.Arnoud (kfujino)
+ </fix>
+ <fix>
+ Fix a behavior of TcpPingInterceptor#useThread.
+ Do not start a ping thread when useThread is set to false. (kfujino)
+ </fix>
+ </changelog>
+ </subsection>
+ <subsection name="Web applications">
+ <changelog>
+ <fix>
+ <bug>52243</bug>: Improve windows service documentation to clarify how
+ to include <code>#</code> and/or <code>;</code> in the value of an
+ environment variable that is passed to the service. (markt)
+ </fix>
+ <fix>
+ <bug>52515</bug>: Make it clear in the Realm how-to in the documentation
+ web application that digested password storage when using DIGEST
+ authentication requires that MD5 digests are used. (markt)
+ </fix>
+ <fix>
+ <bug>52641</bug>: Remove mentioning of ldap.jar from docs.
+ Patch provided by Felix Schumacher. (rjung)
+ </fix>
+ <fix>
+ Remove obsolete bug warning from windows service
+ documentation page. (rjung)
+ </fix>
+ <fix>
+ <bug>52983</bug>: Remove unnecessary code that makes switching to
+ other authentication methods difficult. (markt)
+ </fix>
+ <fix>
+ <bug>53158</bug>: Fix documented defaults for DBCP.
+ Patch provided by ph.dezanneau at gmail.com. (rjung)
+ </fix>
+ <update>
+ Update JavaSE documentation links to point to the current
+ docs.oracle.com site, instead of obsolete ones (download.oracle.com,
+ java.sun.com). (kkolinko)
+ </update>
+ <update>
+ <bug>53289</bug>: Clarify <code>ResourceLink</code> example that
+ uses DataSource.getConnection(username, password) method. Not all
+ data source implementations support it. (kkolinko)
+ </update>
+ <fix>
+ Prevent the custom error pages for the Manager and Host Manager
+ applications from being accessed directly. Configure custom
+ pages for error codes 401 and 403 in Host Manager application.
+ (markt/kkolinko)
+ </fix>
+ <fix>
+ Correct documentation for <code>enableLookups</code> attribute
+ of a Connector. By default DNS lookups are disabled. (kkolinko)
+ </fix>
+ <fix>
+ Fix several HTML markup errors in servlets of examples web application.
+ (kkolinko)
+ </fix>
+ <update>
+ Change the index page of ROOT webapp to mention "manager-gui" role
+ instead of "manager" one. (kkolinko)
+ </update>
+ <fix>
+ <bug>53473</bug>: Correct the allowed values for the SSI option
+ <code>isVirtualWebappRelative</code> which are <code>true</code> or
+ <code>false</code>. (markt)
+ </fix>
+ <fix>
+ <bug>53664</bug>: Minor JNDI Howto document enhancement concerning mail
+ properties. Patch provided by Mark Eggers. (schultz)
+ </fix>
+ <fix>
+ <bug>53601</bug>: Clarify that to build Apache Tomcat 6 from sources
+ a Java 5 JDK is recommended. (kkolinko)
+ </fix>
+ <fix>
+ <bug>53793</bug>: Change links on the list of applications in the
+ Manager to point to <code>/appname/</code> instead of
+ <code>/appname</code>. (kkolinko)
+ </fix>
+ </changelog>
+ </subsection>
+ <subsection name="Other">
+ <changelog>
+ <fix>
+ <bug>49402</bug>, <bug>52124</bug>: Fix Maven publishing script:
+ make sure it finds tomcat-juli.jar and use later version of
+ wagon-ssh. (jfclere)
+ </fix>
+ <fix>
+ Update Apache Commons Daemon to 1.0.10. It resolves <bug>52548</bug>
+ which meant that services created with service.bat did not set the
+ <code>catalina.home</code> and <code>catalina.base</code> system
+ properties. (markt, kkolinko)
+ </fix>
+ <update>
+ Update Apache Commons Pool to 1.5.7. (kkolinko)
+ </update>
+ <update>
+ <bug>52579</bug>: Add a note about Sun's Charset.decode() bug to the
+ RELEASE-NOTES file. (kkolinko)
+ </update>
+ <update>
+ <bug>52805</bug>: Update to Eclipse JDT Compiler 3.7.2. (kkolinko)
+ </update>
+ <update>
+ Update the native component of the APR/native connectors to 1.1.23
+ and take advantage of the simplified distribution. (kkolinko)
+ </update>
+ <fix>
+ When building a Windows installer do not copy whole "res" folder to
+ output/dist, but only the files that we need. Apply fixcrlf filter
+ only after the files are copied, so that <code>INSTALLLICENSE</code>
+ file had correct line ends. (kkolinko)
+ </fix>
+ <update>
+ Remove <code>res/License.rtf</code>. The file that is actually shown
+ by the Windows installer is <code>res/INSTALLLICENSE</code>.
+ (kkolinko)
+ </update>
+ <update>
+ Improve <code>RUNNING.txt</code>. (kkolinko)
+ </update>
+ <update>
+ Align the script that deploys Maven jars for Tomcat
+ (<code>res/maven/mvn-pub.xml</code>) with the Tomcat 7 version,
+ making full use of Nexus. (markt)
+ </update>
+ <add>
+ <bug>53034</bug>: Add <code>project.url</code> and
+ <code>project.licenses</code> sections to the POMs for the Maven
+ artifacts. (kkolinko)
+ </add>
+ <fix>
+ <bug>53454</bug>: Return correct content-length header for HEAD requests
+ when content length is greater than 2GB. (markt)
+ </fix>
+ </changelog>
+ </subsection>
+</section>
+<section name="Tomcat 6.0.35 (jfclere)" rtext="released 2011-12-05">
<subsection name="Catalina">
<changelog>
<fix>
@@ -230,7 +642,7 @@
</add>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
Correct the documentation for the connectionLinger attribute of the HTTP
@@ -547,7 +959,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>41498</bug>: Add the allRolesMode attribute to the Realm
@@ -860,7 +1272,8 @@
</add>
<add>
<bug>49811</bug>: Add an option to disable URL rewriting on a per
- Context basis. (markt)
+ Context basis. The option name is <code>disableURLRewriting</code>.
+ (markt)
</add>
<add>
<bug>49856</bug>: Expose the executor name for the connector via JMX.
@@ -1134,7 +1547,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>49585</bug>: Update JSVC documentation to reflect new packaging
@@ -1296,7 +1709,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>49213</bug>: Grant permissions required by manager application when
@@ -1528,7 +1941,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<add>
Use underscores instead of spaces in anchor names in Tomcat
@@ -1632,7 +2045,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<add>
Make changelog.xml be directly rendered as HTML by certain browsers.
@@ -1800,7 +2213,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<add>
Add new "Find leaks" command to the Manager application. It allows to
@@ -1930,7 +2343,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<add>
<bug>48530</bug>: Add information on the Manager Server Status page to
@@ -2561,7 +2974,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>41564</bug>: Add some documentation on installing Tomcat as a
@@ -2813,7 +3226,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>46509</bug>: Use correct link on error page in JSP security
@@ -3330,7 +3743,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>45940</bug>: Correct name of username attribute for JDBC resources
@@ -3448,7 +3861,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<update>
<bug>45323</bug>: Add note that context.xml files can only contain a
@@ -3786,7 +4199,7 @@
</add>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<update>
Update documentation to use correct version number, correct file paths
@@ -4060,7 +4473,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>43173</bug>: Fix typo in logging documentation regarding location
@@ -4259,7 +4672,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
Fix WebDAV Servlet so it works correctly with MS clients. (markt)
@@ -4397,7 +4810,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
Don't write error on System.out, use log() instead. (rjung)
@@ -4477,7 +4890,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
Some examples webapp fixes. Submitted by Frank McCown. (remm)
@@ -4544,7 +4957,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>42025</bug>: Update valve documentation to refer to correct regular
@@ -4732,7 +5145,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
Fix previous update to servlet 2.5 xsd to use correct declaration.
@@ -4971,7 +5384,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<docs>
Add a virtual hosting how-to contributed by Hassan Schroeder. (markt)
@@ -5165,7 +5578,7 @@
</fix>
</changelog>
</subsection>
- <subsection name="Webapps">
+ <subsection name="Web applications">
<changelog>
<fix>
<bug>40677</bug>: Update SSL documentation to indicate that PKCS11
diff --git a/webapps/docs/class-loader-howto.xml b/webapps/docs/class-loader-howto.xml
index 7f82a0f..316526d 100644
--- a/webapps/docs/class-loader-howto.xml
+++ b/webapps/docs/class-loader-howto.xml
@@ -214,8 +214,8 @@ preference to this one.</p>
Mechanism" to allow replacement of APIs created outside of the JCP
(i.e. DOM and SAX from W3C). It can also be used to update the XML parser
implementation. For more information, see:
-<a href="http://download.oracle.com/javase/1.5.0/docs/guide/standards/index.html">
-http://download.oracle.com/javase/1.5.0/docs/guide/standards/index.html</a>.</p>
+<a href="http://docs.oracle.com/javase/1.5.0/docs/guide/standards/index.html">
+http://docs.oracle.com/javase/1.5.0/docs/guide/standards/index.html</a>.</p>
<p>Tomcat utilizes this mechanism by including the system property setting
<code>-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS</code> in the
diff --git a/webapps/docs/config/ajp.xml b/webapps/docs/config/ajp.xml
index c9c9643..8a46c9a 100644
--- a/webapps/docs/config/ajp.xml
+++ b/webapps/docs/config/ajp.xml
@@ -90,7 +90,14 @@
order to return the actual host name of the remote client. Set
to <code>false</code> to skip the DNS lookup and return the IP
address in String form instead (thereby improving performance).
- By default, DNS lookups are enabled.</p>
+ By default, DNS lookups are disabled.</p>
+ </attribute>
+
+ <attribute name="maxHeaderCount" required="false">
+ <p>The maximum number of headers in a request that are allowed by the
+ container. A request that contains more headers than the specified limit
+ will be rejected. A value of less than 0 means no limit.
+ If not specified, a default of 100 is used.</p>
</attribute>
<attribute name="maxParameterCount" required="false">
@@ -123,6 +130,26 @@
to 4096 (4 kilobytes).</p>
</attribute>
+ <attribute name="parseBodyMethods" required="false">
+ <p>A comma-separated list of HTTP methods for which request
+ bodies will be parsed for request parameters identically
+ to POST. This is useful in RESTful applications that want to
+ support POST-style semantics for PUT requests.
+ Note that any setting other than <code>POST</code> causes Tomcat
+ to behave in a way that does against the intent of the servlet
+ specification.
+ The HTTP method TRACE is specifically forbidden here in accordance
+ with the HTTP specification.
+ The default is <code>POST</code></p>
+ </attribute>
+
+ <attribute name="port" required="true">
+ <p>The TCP port number on which this <strong>Connector</strong>
+ will create a server socket and await incoming connections. Your
+ operating system will allow only one server application to listen
+ to a particular port number on a particular IP address.</p>
+ </attribute>
+
<attribute name="protocol" required="false">
<p>Sets the protocol to handle incoming traffic. The default value is
<code>AJP/1.3</code> and configures
diff --git a/webapps/docs/config/cluster-interceptor.xml b/webapps/docs/config/cluster-interceptor.xml
index 6298306..0d3cfda 100644
--- a/webapps/docs/config/cluster-interceptor.xml
+++ b/webapps/docs/config/cluster-interceptor.xml
@@ -55,6 +55,7 @@
<li><code>org.apache.catalina.tribes.group.interceptors.DomainFilterInterceptor</code></li>
<li><code>org.apache.catalina.tribes.group.interceptors.FragmentationInterceptor</code></li>
<li><code>org.apache.catalina.tribes.group.interceptors.GzipInterceptor</code></li>
+ <li><code>org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor</code></li>
</ul>
</p>
</section>
@@ -143,6 +144,20 @@
<attributes>
</attributes>
</subsection>
+ <subsection name="org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor Attributes">
+ <attributes>
+ <attribute name="interval" required="false">
+ If useThread == true, defines the interval of sending a ping message.
+ default is 1000 ms.
+ </attribute>
+ <attribute name="useThread" required="false">
+ Flag of whether to start a thread for sending a ping message.
+ If set to true, this interceptor will start a local thread for sending a ping message.
+ if set to false, channel heartbeat will send a ping message.
+ default is false.
+ </attribute>
+ </attributes>
+ </subsection>
<subsection name="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor Attributes">
<attributes>
<attribute name="interval" required="false">
diff --git a/webapps/docs/config/cluster-receiver.xml b/webapps/docs/config/cluster-receiver.xml
index 3c97799..75b2d4d 100644
--- a/webapps/docs/config/cluster-receiver.xml
+++ b/webapps/docs/config/cluster-receiver.xml
@@ -132,7 +132,7 @@
</attribute>
<attribute name="soTrafficClass" required="false">
Sets the traffic class level for the socket, the value is between 0 and 255.
- Different values are defined in <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setTrafficClass(int)">
+ Different values are defined in <a href="http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setTrafficClass(int)">
java.net.Socket#setTrafficClass(int)</a>.
</attribute>
<attribute name="tcpNoDelay" required="false">
diff --git a/webapps/docs/config/cluster-sender.xml b/webapps/docs/config/cluster-sender.xml
index 230223e..f4c750f 100644
--- a/webapps/docs/config/cluster-sender.xml
+++ b/webapps/docs/config/cluster-sender.xml
@@ -139,7 +139,7 @@
<attribute name="soTrafficClass" required="false">
Sets the traffic class level for the socket, the value is between 0 and 255.
Default value is <code>int soTrafficClass = 0x04 | 0x08 | 0x010;</code>
- Different values are defined in <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setTrafficClass(int)">
+ Different values are defined in <a href="http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setTrafficClass(int)">
java.net.Socket#setTrafficClass(int)</a>.
</attribute>
<attribute name="tcpNoDelay" required="false">
diff --git a/webapps/docs/config/context.xml b/webapps/docs/config/context.xml
index 9743500..b1bfde6 100644
--- a/webapps/docs/config/context.xml
+++ b/webapps/docs/config/context.xml
@@ -905,8 +905,8 @@
two additional attributes to allow a shared data source to be used with different credentials.
When these two additional attributes are used in combination with the <code>javax.sql.DataSource</code>
type, different contexts can share a global data source with different credentials.
- Under the hood, what happens is that a call to <a href="http://download.oracle.com/javase/6/docs/api/javax/sql/DataSource.html#getConnection()"><code>getConnection()</code></a>
- is simply translated to a call <a href="http://download.oracle.com/javase/6/docs/api/javax/sql/DataSource.html#getConnection(java.lang.String,%20java.lang.String)">
+ Under the hood, what happens is that a call to <a href="http://docs.oracle.com/javase/6/docs/api/javax/sql/DataSource.html#getConnection()"><code>getConnection()</code></a>
+ is simply translated to a call <a href="http://docs.oracle.com/javase/6/docs/api/javax/sql/DataSource.html#getConnection(java.lang.String,%20java.lang.String)">
<code>getConnection(username, password)</code></a> on the global data source. This is an easy way to get code to be transparent to what schemas are being used,
yet be able to control connections (or pools) in the global configuration.
</p>
@@ -925,16 +925,27 @@
</attribute>
</attributes>
- <p>Shared Data Source Example</p>
+ <p>Shared Data Source Example:</p>
+ <p><strong>Warning:</strong> This feature works only if the global DataSource
+supports <code>getConnection(username, password)</code> method.
+<a href="http://commons.apache.org/dbcp/">Apache Commons DBCP</a> pool that
+Tomcat uses by default does not support it. See its Javadoc for
+<code>BasicDataSource</code> class.
+<a href="http://tomcat.apache.org/tomcat-7.0-doc/jdbc-pool.html">Apache Tomcat JDBC pool</a>
+(included with Tomcat 7 and later) does support it,
+but by default this support is disabled and can be enabled by
+<code>alternateUsernameAllowed</code> attribute. See its documentation
+for details. The example below uses Apache Tomcat JDBC pool.</p>
<source>
<GlobalNamingResources>
...
<Resource name="sharedDataSource"
global="sharedDataSource"
type="javax.sql.DataSource"
+ factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
+ alternateUsernameAllowed="true"
username="bar"
password="barpass"
-
...
...
</GlobalNamingResources>
diff --git a/webapps/docs/config/executor.xml b/webapps/docs/config/executor.xml
index 05759a5..f68cb23 100644
--- a/webapps/docs/config/executor.xml
+++ b/webapps/docs/config/executor.xml
@@ -102,6 +102,10 @@
<p>(int) The number of milliseconds before an idle thread shutsdown, unless the number of active threads are less
or equal to minSpareThreads. Default value is <code>60000</code>(1 minute)</p>
</attribute>
+ <attribute name="maxQueueSize" required="false">
+ <p>(int) The maximum number of runnable tasks that can queue up awaiting
+ execution before we reject them. Default value is <code>Integer.MAX_VALUE</code></p>
+ </attribute>
</attributes>
diff --git a/webapps/docs/config/filter.xml b/webapps/docs/config/filter.xml
index c50a747..3ef5e0d 100644
--- a/webapps/docs/config/filter.xml
+++ b/webapps/docs/config/filter.xml
@@ -112,6 +112,58 @@
</section>
+<section name="Set Character Encoding Filter">
+
+ <subsection name="Introduction">
+
+ <p>User agents don't always include character encoding information in
+ requests. Depending on the how the request is processed, usually the
+ default encoding of ISO-8859-1 is used. This is not always
+ desirable. This filter provides options for setting that encoding or
+ forcing it to a particular value. Essentially this filter calls
+ <code>ServletRequest.setCharacterEncoding()</code> method.</p>
+
+ <p>Effectively the value set by this filter is used when parsing parameters
+ in a POST request, if parameter parsing occurs later than this filter. Thus
+ the order of filter mappings is important. Note that the encoding for GET
+ requests is not set here, but on a <strong>Connector</strong>. See
+ CharacterEncoding page in the FAQ for details.</p>
+
+ </subsection>
+
+ <subsection name="Filter Class Name">
+
+ <p>The filter class name for the Set Character Encoding Filter is
+ <strong><code>org.apache.catalina.filters.SetCharacterEncodingFilter</code></strong>.</p>
+
+ </subsection>
+
+ <subsection name="Initialisation parameters">
+
+ <p>The Set Character Encoding Filter supports the following initialization
+ parameters:</p>
+
+ <attributes>
+
+ <attribute name="encoding" required="true">
+ <p>Name of the character encoding which should be set.</p>
+ </attribute>
+
+ <attribute name="ignore" required="false">
+ <p>Determines if any character encoding specified by the user agent is
+ ignored. If this attribute is <code>true</code>, any value provided by
+ the user agent is ignored. If <code>false</code>, the encoding is only
+ set if the user agent did not specify an encoding. The default value
+ is <code>false</code>.</p>
+ </attribute>
+
+ </attributes>
+
+ </subsection>
+
+</section>
+
+
<section name="Failed Request Filter">
<subsection name="Introduction">
@@ -131,6 +183,10 @@
filter is not so high, because parameter parsing does check content type
of the request before consuming the request body.</p>
+ <p>Note, that for the POST requests to be parsed correctly, a
+ <code>SetCharacterEncodingFilter</code> filter must be configured above
+ this one. See CharacterEncoding page in the FAQ for details.</p>
+
<p>The request is rejected with HTTP status code 400 (Bad Request).</p>
</subsection>
@@ -138,8 +194,7 @@
<subsection name="Filter Class Name">
<p>The filter class name for the Failed Request Filter is
- <strong><code>org.apache.catalina.filters.FailedRequestFilter</code>
- </strong>.</p>
+ <strong><code>org.apache.catalina.filters.FailedRequestFilter</code></strong>.</p>
</subsection>
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 9585742..9847a04 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -59,7 +59,7 @@
If still more simultaneous requests are received, they are stacked up
inside the server socket created by the <strong>Connector</strong>, up to
the configured maximum (the value of the <code>acceptCount</code>
- attribute. Any further simultaneous requests will receive "connection
+ attribute). Any further simultaneous requests will receive "connection
refused" errors, until resources are available to process them.</p>
</section>
@@ -97,7 +97,14 @@
order to return the actual host name of the remote client. Set
to <code>false</code> to skip the DNS lookup and return the IP
address in String form instead (thereby improving performance).
- By default, DNS lookups are enabled.</p>
+ By default, DNS lookups are disabled.</p>
+ </attribute>
+
+ <attribute name="maxHeaderCount" required="false">
+ <p>The maximum number of headers in a request that are allowed by the
+ container. A request that contains more headers than the specified limit
+ will be rejected. A value of less than 0 means no limit.
+ If not specified, a default of 100 is used.</p>
</attribute>
<attribute name="maxParameterCount" required="false">
@@ -130,6 +137,26 @@
to 4096 (4 kilobytes).</p>
</attribute>
+ <attribute name="parseBodyMethods" required="false">
+ <p>A comma-separated list of HTTP methods for which request
+ bodies will be parsed for request parameters identically
+ to POST. This is useful in RESTful applications that want to
+ support POST-style semantics for PUT requests.
+ Note that any setting other than <code>POST</code> causes Tomcat
+ to behave in a way that does against the intent of the servlet
+ specification.
+ The HTTP method TRACE is specifically forbidden here in accordance
+ with the HTTP specification.
+ The default is <code>POST</code></p>
+ </attribute>
+
+ <attribute name="port" required="true">
+ <p>The TCP port number on which this <strong>Connector</strong>
+ will create a server socket and await incoming connections. Your
+ operating system will allow only one server application to listen
+ to a particular port number on a particular IP address.</p>
+ </attribute>
+
<attribute name="protocol" required="false">
<p>
Sets the protocol to handle incoming traffic.
@@ -575,13 +602,13 @@
<p>(byte)Value between <code>0</code> and <code>255</code> for the traffic class on the socket, <code>0x04 | 0x08 | 0x010</code></p>
</attribute>
<attribute name="socket.performanceConnectionTime" required="false">
- <p>(int)The first value for the performance settings. Default is <code>1</code>, see <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
+ <p>(int)The first value for the performance settings. Default is <code>1</code>, see <a href="http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
</attribute>
<attribute name="socket.performanceLatency" required="false">
- <p>(int)The second value for the performance settings. Default is <code>0</code>, see <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
+ <p>(int)The second value for the performance settings. Default is <code>0</code>, see <a href="http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
</attribute>
<attribute name="socket.performanceBandwidth" required="false">
- <p>(int)The third value for the performance settings. Default is <code>1</code>, see <a href="http://java.sun.com/j2se/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
+ <p>(int)The third value for the performance settings. Default is <code>1</code>, see <a href="http://docs.oracle.com/javase/1.5.0/docs/api/java/net/Socket.html#setPerformancePreferences(int,%20int,%20int)">Socket Performance Options</a></p>
</attribute>
<attribute name="selectorPool.maxSelectors" required="false">
<p>(int)The max selectors to be used in the pool, to reduce selector contention.
diff --git a/webapps/docs/config/listeners.xml b/webapps/docs/config/listeners.xml
index 944392c..940759a 100644
--- a/webapps/docs/config/listeners.xml
+++ b/webapps/docs/config/listeners.xml
@@ -112,6 +112,16 @@
this to <code>/dev/urandom</code> to allow quicker start times.</p>
</attribute>
+ <attribute name="FIPSMode" required="false">
+ <p>Set to <code>on</code> to instruct OpenSSL to go into FIPS mode.
+ FIPS mode <em>requires you to have a FIPS-capable OpenSSL library which
+ you must build yourself</em>.
+ FIPS mode also requires Tomcat native library version 1.1.23 or later,
+ which <em>must be built against the FIPS-compatible OpenSSL</em> library.
+ If this attribute is "on", <b>SSLEngine</b> must be enabled as well.
+ The default value is <code>off</code>.</p>
+ </attribute>
+
</attributes>
</subsection>
@@ -172,7 +182,7 @@
behind a firewall. Only these ports are configured via the listener. The
remainder of the configuration is via the standard system properties for
configuring JMX. For further information on configuring JMX see
- <a href="http://java.sun.com/javase/6/docs/technotes/guides/management/agent.html">
+ <a href="http://docs.oracle.com/javase/6/docs/technotes/guides/management/agent.html">
Monitoring and Management Using JMX</a> included with the Java SDK
documentation.</p>
diff --git a/webapps/docs/config/manager.xml b/webapps/docs/config/manager.xml
index 5262ce5..f4de9b4 100644
--- a/webapps/docs/config/manager.xml
+++ b/webapps/docs/config/manager.xml
@@ -146,7 +146,7 @@
<attribute name="processExpiresFrequency" required="false">
<p>Frequency of the session expiration, and related manager operations.
Manager operations will be done once for the specified amount of
- backgrondProcess calls (i.e., the lower the amount, the more often the
+ backgroundProcess calls (i.e., the lower the amount, the more often the
checks will occur). The minimum value is 1, and the default value is 6.
</p>
</attribute>
@@ -157,6 +157,13 @@
<code>java.security.SecureRandom</code>.</p>
</attribute>
+ <attribute name="randomFile" required="false">
+ <p>Name of a file that provides random data that are used to generate
+ session ids. If not specified, the default value is
+ <code>/dev/urandom</code> on Unix-like systems (those where such
+ file path is absolute) and empty on others.</p>
+ </attribute>
+
<attribute name="sessionIdLength" required="false">
<p>The length of session ids created by this Manager, measured in bytes,
excluding subsequent conversion to a hexadecimal string and
@@ -265,6 +272,13 @@
<code>java.security.SecureRandom</code>.</p>
</attribute>
+ <attribute name="randomFile" required="false">
+ <p>Name of a file that provides random data that are used to generate
+ session ids. If not specified, the default value is
+ <code>/dev/urandom</code> on Unix-like systems (those where such
+ file path is absolute) and empty on others.</p>
+ </attribute>
+
<attribute name="saveOnRestart" required="false">
<p>Should all sessions be persisted and reloaded when Tomcat is shut
down and restarted (or when this application is reloaded)? By default,
diff --git a/webapps/docs/config/project.xml b/webapps/docs/config/project.xml
index 95b2110..f3a4f30 100644
--- a/webapps/docs/config/project.xml
+++ b/webapps/docs/config/project.xml
@@ -54,7 +54,6 @@
</menu>
<menu name="Nested Components">
- <item name="Filter" href="filter.html"/>
<item name="Global Resources" href="globalresources.html"/>
<item name="Listeners" href="listeners.html"/>
<item name="Loader" href="loader.html"/>
@@ -77,7 +76,8 @@
<item name="ClusterListener" href="cluster-listener.html"/>
</menu>
- <menu name="Global Settings">
+ <menu name="Other">
+ <item name="Filter" href="filter.html"/>
<item name="System properties" href="systemprops.html"/>
</menu>
</body>
diff --git a/webapps/docs/config/realm.xml b/webapps/docs/config/realm.xml
index bea1530..70295ba 100644
--- a/webapps/docs/config/realm.xml
+++ b/webapps/docs/config/realm.xml
@@ -82,17 +82,15 @@
</attributes>
- </subsection>
-
-
- <subsection name="Standard Implementation">
-
<p>Unlike most Catalina components, there are several standard
<strong>Realm</strong> implementations available. As a result,
the <code>className</code> attribute MUST be used to select the
implementation you wish to use.</p>
- <h3>JDBC Database Realm (org.apache.catalina.realm.JDBCRealm)</h3>
+ </subsection>
+
+
+ <subsection name="JDBC Database Realm - org.apache.catalina.realm.JDBCRealm">
<p>The <strong>JDBC Database Realm</strong> connects Catalina to
a relational database, accessed through an appropriate JDBC driver,
@@ -118,6 +116,11 @@
authenticated and no check will be made for assigned roles unless roles
are defined in web.xml in which case the user must be assigned at least
one of those roles.</p>
+ <p>When this attribute has the value of <code>authOnly</code> or
+ <code>strictAuthOnly</code>, the <strong>roleNameCol</strong> and
+ <strong>userRoleTable</strong> attributes become optional. If those two
+ attributes are omitted, the user's roles will not be loaded by this
+ Realm.</p>
</attribute>
<attribute name="connectionName" required="true">
@@ -151,9 +154,12 @@
used to connect to the authentication database.</p>
</attribute>
- <attribute name="roleNameCol" required="true">
+ <attribute name="roleNameCol" required="false">
<p>Name of the column, in the "user roles" table, which contains
a role name assigned to the corresponding user.</p>
+ <p>This attribute is <strong>required</strong> in majority of
+ configurations. See <strong>allRolesMode</strong> attribute for
+ a rare case when it can be omitted.</p>
</attribute>
<attribute name="userCredCol" required="true">
@@ -170,10 +176,13 @@
that contains the user's username.</p>
</attribute>
- <attribute name="userRoleTable" required="true">
+ <attribute name="userRoleTable" required="false">
<p>Name of the "user roles" table, which must contain columns
named by the <code>userNameCol</code> and <code>roleNameCol</code>
attributes.</p>
+ <p>This attribute is <strong>required</strong> in majority of
+ configurations. See <strong>allRolesMode</strong> attribute for
+ a rare case when it can be omitted.</p>
</attribute>
<attribute name="userTable" required="true">
@@ -182,16 +191,24 @@
attributes.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>See the <a href="../realm-howto.html">Container-Managed Security Guide</a> for more
information on setting up container managed security using the
JDBC Database Realm component.</p>
+ </subsection>
+
- <h3>
- DataSource Database Realm (org.apache.catalina.realm.DataSourceRealm)
- </h3>
+ <subsection name="DataSource Database Realm - org.apache.catalina.realm.DataSourceRealm">
<p>The <strong>DataSource Database Realm</strong> connects Catalina to
a relational database, accessed through a JNDI named JDBC DataSource
@@ -226,6 +243,11 @@
authenticated and no check will be made for assigned roles unless roles
are defined in web.xml in which case the user must be assigned at least
one of those roles.</p>
+ <p>When this attribute has the value of <code>authOnly</code> or
+ <code>strictAuthOnly</code>, the <strong>roleNameCol</strong> and
+ <strong>userRoleTable</strong> attributes become optional. If those two
+ attributes are omitted, the user's roles will not be loaded by this
+ Realm.</p>
</attribute>
<attribute name="dataSourceName" required="true">
@@ -245,9 +267,12 @@
global DataSource.</p>
</attribute>
- <attribute name="roleNameCol" required="true">
+ <attribute name="roleNameCol" required="false">
<p>Name of the column, in the "user roles" table, which contains
a role name assigned to the corresponding user.</p>
+ <p>This attribute is <strong>required</strong> in majority of
+ configurations. See <strong>allRolesMode</strong> attribute for
+ a rare case when it can be omitted.</p>
</attribute>
<attribute name="userCredCol" required="true">
@@ -264,10 +289,13 @@
that contains the user's username.</p>
</attribute>
- <attribute name="userRoleTable" required="true">
+ <attribute name="userRoleTable" required="false">
<p>Name of the "user roles" table, which must contain columns
named by the <code>userNameCol</code> and <code>roleNameCol</code>
attributes.</p>
+ <p>This attribute is <strong>required</strong> in majority of
+ configurations. See <strong>allRolesMode</strong> attribute for
+ a rare case when it can be omitted.</p>
</attribute>
<attribute name="userTable" required="true">
@@ -276,15 +304,24 @@
attributes.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>See the <a href="../realm-howto.html#DataSourceRealm">
DataSource Realm HOW-TO</a> for more information on setting up container
managed security using the DataSource Database Realm component.</p>
+ </subsection>
- <h3>JNDI Directory Realm (org.apache.catalina.realm.JNDIRealm)</h3>
+ <subsection name="JNDI Directory Realm - org.apache.catalina.realm.JNDIRealm">
<p>The <strong>JNDI Directory Realm</strong> connects Catalina to
an LDAP Directory, accessed through an appropriate JNDI driver,
@@ -518,20 +555,30 @@
expression.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>See the <a href="../realm-howto.html">Container-Managed Security Guide</a> for more
information on setting up container managed security using the
JNDI Directory Realm component.</p>
+ </subsection>
+
- <h3>UserDatabase Realm (org.apache.catalina.realm.UserDatabaseRealm)</h3>
+ <subsection name="UserDatabase Realm - org.apache.catalina.realm.UserDatabaseRealm">
<p>The <strong>UserDatabase Realm</strong> is a Realm implementation
that is based on a UserDatabase resource made available through the global
JNDI resources configured for this Tomcat instance.</p>
- <p>The Memory Based Realm implementation supports the following
+ <p>The UserDatabase Realm implementation supports the following
additional attributes:</p>
<attributes>
@@ -550,10 +597,18 @@
</attribute>
<attribute name="resourceName" required="true">
- <p>The name of the resource that this realm will use for user, password
- and role information.</p>
+ <p>The name of the global <code>UserDatabase</code> resource
+ that this realm will use for user, password and role information.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>See the
@@ -563,7 +618,10 @@
<a href="../jndi-resources-howto.html">JNDI resources how-to</a> for more
information on how to configure a UserDatabase resource.</p>
- <h3>Memory Based Realm (org.apache.catalina.realm.MemoryRealm)</h3>
+ </subsection>
+
+
+ <subsection name="Memory Based Realm - org.apache.catalina.realm.MemoryRealm">
<p>The <strong>Memory Based Realm</strong> is a simple Realm implementation
that reads user information from an XML format, and represents it as a
@@ -605,6 +663,14 @@
default value is <code>conf/tomcat-users.xml</code>.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>The XML document referenced by the <code>pathname</code> attribute must
@@ -630,7 +696,10 @@
information on setting up container managed security using the
Memory Based Realm component.</p>
- <h3>JAAS Realm (org.apache.catalina.realm.JAASRealm)</h3>
+ </subsection>
+
+
+ <subsection name="JAAS Realm - org.apache.catalina.realm.JAASRealm">
<p><strong>JAASRealm</strong> is an implementation of the Tomcat 6
<code>Realm</code> interface that authenticates users through the Java
@@ -674,7 +743,7 @@
<attribute name="appName" required="true">
<p>The name of the application as configured in your login configuration
file
- (<a href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/LoginConfigFile.html">JAAS LoginConfig</a>).</p>
+ (<a href="http://docs.oracle.com/javase/1.4.2/docs/guide/security/jaas/tutorials/LoginConfigFile.html">JAAS LoginConfig</a>).</p>
</attribute>
<attribute name="userClassNames" required="true">
@@ -696,13 +765,24 @@
<code>false</code>.</p>
</attribute>
+ <attribute name="X509UsernameRetrieverClassName" required="false">
+ <p>When using X509 client certificates, this specifies the class name
+ that will be used to retrieve the user name from the certificate.
+ The class must implement the
+ <code>org.apache.catalina.realm.X509UsernameRetriever</code>
+ interface. The default is to use the certificate's SubjectDN
+ as the username.</p>
+ </attribute>
</attributes>
<p>See the <a href="../realm-howto.html">Container-Managed Security
Guide</a> for more information on setting up container managed security
using the JAAS Realm component.</p>
- <h3>Combined Realm (org.apache.catalina.realm.CombinedRealm)</h3>
+ </subsection>
+
+
+ <subsection name="Combined Realm - org.apache.catalina.realm.CombinedRealm">
<p><strong>CombinedRealm</strong> is an implementation of the Tomcat 6
<code>Realm</code> interface that authenticates users through one or more
@@ -726,7 +806,10 @@
Guide</a> for more information on setting up container managed security
using the CombinedRealm component.</p>
- <h3>LockOut Realm (org.apache.catalina.realm.LockOutRealm)</h3>
+ </subsection>
+
+
+ <subsection name="LockOut Realm - org.apache.catalina.realm.LockOutRealm">
<p><strong>LockOutRealm</strong> is an implementation of the Tomcat 6
<code>Realm</code> interface that extends the CombinedRealm to provide lock
@@ -784,7 +867,6 @@
</subsection>
-
</section>
diff --git a/webapps/docs/config/valve.xml b/webapps/docs/config/valve.xml
index 976814f..de42c77 100644
--- a/webapps/docs/config/valve.xml
+++ b/webapps/docs/config/valve.xml
@@ -251,6 +251,9 @@
package. Please consult the Java documentation for details of the
expressions supported.</p>
+ <p>See also: <a href="#Remote_Host_Filter">Remote Host Filter</a>,
+ <a href="#Remote_IP_Valve">Remote IP Valve</a>.</p>
+
</subsection>
<subsection name="Attributes">
@@ -282,6 +285,12 @@
governed solely by the <code>accept</code> attribute.</p>
</attribute>
+ <attribute name="denyStatus" required="false">
+ <p>HTTP response status code that is used when rejecting denied
+ request. The default value is <code>403</code>. For example,
+ it can be set to the value <code>404</code>.</p>
+ </attribute>
+
</attributes>
</subsection>
@@ -307,6 +316,14 @@
package. Please consult the Java documentation for details of the
expressions supported.</p>
+ <p><strong>Note:</strong> This filter processes the value returned by
+ method <code>ServletRequest.getRemoteHost()</code>. To allow the method
+ to return proper host names, you have to enable "DNS lookups" feature on
+ a <strong>Connector</strong>.</p>
+
+ <p>See also: <a href="#Remote_Address_Filter">Remote Address Filter</a>,
+ <a href="http.html">HTTP Connector</a> configuration.</p>
+
</subsection>
<subsection name="Attributes">
@@ -338,6 +355,12 @@
governed solely by the <code>accept</code> attribute.</p>
</attribute>
+ <attribute name="denyStatus" required="false">
+ <p>HTTP response status code that is used when rejecting denied
+ request. The default value is <code>403</code>. For example,
+ it can be set to the value <code>404</code>.</p>
+ </attribute>
+
</attributes>
</subsection>
@@ -551,6 +574,12 @@
<attributes>
+ <attribute name="cache" required="false">
+ <p>Should we cache authenticated Principals if the request is part of an
+ HTTP session? If not specified, the default value of <code>false</code>
+ will be used.</p>
+ </attribute>
+
<attribute name="className" required="true">
<p>Java class name of the implementation to use. This MUST be set to
<strong>org.apache.catalina.authenticator.DigestAuthenticator</strong>.</p>
@@ -573,6 +602,32 @@
<code>true</code> will be used.</p>
</attribute>
+ <attribute name="key" required="false">
+ <p>The secret key used by digest authentication. If not set, a secure
+ random value is generated. This should normally only be set when it is
+ necessary to keep key values constant either across server restarts
+ and/or across a cluster.</p>
+ </attribute>
+
+ <attribute name="nonceCacheSize" required="false">
+ <p>To protect against replay attacks, the DIGEST authenticator tracks
+ server nonce and nonce count values. This attribute controls the size
+ of that cache. If not specified, the default value of 1000 is used.</p>
+ </attribute>
+
+ <attribute name="nonceValidity" required="false">
+ <p>The time, in milliseconds, that a server generated nonce will be
+ considered valid for use in authentication. If not specified, the
+ default value of 300000 (5 minutes) will be used.</p>
+ </attribute>
+
+ <attribute name="opaque" required="false">
+ <p>The opaque server string used by digest authentication. If not set, a
+ random value is generated. This should normally only be set when it is
+ necessary to keep opaque values constant either across server restarts
+ and/or across a cluster.</p>
+ </attribute>
+
<attribute name="securePagesWithPragma" required="false">
<p>Controls the caching of pages that are protected by security
constraints. Setting this to <code>false</code> may help work around
@@ -582,6 +637,14 @@
If not set, the default value of <code>true</code> will be used.</p>
</attribute>
+ <attribute name="validateUri" required="false">
+ <p>Should the URI be validated as required by RFC2617? If not specified,
+ the default value of <code>true</code> will be used. This should
+ normally only be set when Tomcat is located behind a reverse proxy and
+ the proxy is modifying the URI passed to Tomcat such that DIGEST
+ authentication always fails.</p>
+ </attribute>
+
</attributes>
</subsection>
@@ -850,6 +913,50 @@
</section>
+<section name="Stuck Thread Detection Valve">
+
+ <subsection name="Introduction">
+
+ <p>This valve allows to detect requests that take a long time to process, which might
+ indicate that the thread that is processing it is stuck.</p>
+ <p>When such a request is detected, the current stack trace of its thread is written
+ to Tomcat log with a WARN level.</p>
+ <p>The IDs and names of the stuck threads are available through JMX in the
+ <code>stuckThreadIds</code> and <code>stuckThreadNames</code> attributes.
+ The IDs can be used with the standard Threading JVM MBean
+ (<code>java.lang:type=Threading</code>) to retrieve other information
+ about each stuck thread.</p>
+
+ </subsection>
+
+ <subsection name="Attributes">
+
+ <p>The <strong>Stuck Thread Detection Valve</strong> supports the
+ following configuration attributes:</p>
+
+ <attributes>
+
+ <attribute name="className" required="true">
+ <p>Java class name of the implementation to use. This MUST be set to
+ <strong>org.apache.catalina.valves.StuckThreadDetectionValve</strong>.
+ </p>
+ </attribute>
+
+ <attribute name="threshold" required="false">
+ <p>Minimum duration in seconds after which a thread is considered stuck.
+ Default is 600 seconds. If set to 0, the detection is disabled.</p>
+ <p>Note: since the detection is done in the background thread of the Container
+ (Engine, Host or Context) declaring this Valve, the threshold should be higher
+ than the <code>backgroundProcessorDelay</code> of this Container.</p>
+ </attribute>
+
+ </attributes>
+
+ </subsection>
+
+</section>
+
+
</body>
diff --git a/webapps/docs/deployer-howto.xml b/webapps/docs/deployer-howto.xml
index 6745de8..7b86304 100644
--- a/webapps/docs/deployer-howto.xml
+++ b/webapps/docs/deployer-howto.xml
@@ -324,7 +324,7 @@
</li>
<li>
<code>username</code>: Tomcat Manager username (user should have a role of
- manager)
+ manager-script)
</li>
<li><code>password</code>: Tomcat Manager password.</li>
</ul>
diff --git a/webapps/docs/funcspecs/fs-admin-objects.xml b/webapps/docs/funcspecs/fs-admin-objects.xml
index 6a3b79b..cd314f3 100644
--- a/webapps/docs/funcspecs/fs-admin-objects.xml
+++ b/webapps/docs/funcspecs/fs-admin-objects.xml
@@ -25,7 +25,7 @@
<properties>
<author email="craigmcc at apache.org">Craig McClanahan</author>
<title>Administrative Apps - Administered Objects</title>
- <revision>$Id: fs-admin-objects.xml 918479 2010-03-03 14:08:02Z kkolinko $</revision>
+ <revision>$Id: fs-admin-objects.xml 1344544 2012-05-31 02:33:22Z kkolinko $</revision>
</properties>
<body>
@@ -118,7 +118,7 @@ Operations</a> that can be performed when the administrative application is
<li><code>debug</code> - Debugging detail level. [0]</li>
<li><code>enableLookups</code> - Should we perform DNS lookups on remote
IP addresses when <code>request.getRemoteHost()</code> is called?
- [true]</li>
+ [false]</li>
<li><code>maxProcessors</code> - The maximum number of processor threads
supported by this connector. [20]</li>
<li><code>minProcessors</code> - The minimum number of processor threads
diff --git a/webapps/docs/funcspecs/fs-jndi-realm.xml b/webapps/docs/funcspecs/fs-jndi-realm.xml
index af7a7e0..07e82ec 100644
--- a/webapps/docs/funcspecs/fs-jndi-realm.xml
+++ b/webapps/docs/funcspecs/fs-jndi-realm.xml
@@ -25,7 +25,7 @@
<properties>
<author email="craigmcc at apache.org">Craig McClanahan</author>
<title>JNDIRealm</title>
- <revision>$Id: fs-jndi-realm.xml 918479 2010-03-03 14:08:02Z kkolinko $</revision>
+ <revision>$Id: fs-jndi-realm.xml 1243047 2012-02-11 12:35:26Z rjung $</revision>
</properties>
<body>
@@ -139,10 +139,6 @@
<li>Interactions with <code>JNDIRealm</code> will be initiated by
the appropriate <code>Authenticator</code> implementation, based
on the login method that is selected.</li>
- <li><code>JNDIRealm</code> must have the JNDI API classes available
- to it. For a JDK 1.2 container, that means <code>jndi.jar</code>
- and the appropriate implementation (such as <code>ldap.jar</code>)
- must be placed in the <code>server/lib</code> directory.</li>
</ul>
</subsection>
diff --git a/webapps/docs/index.xml b/webapps/docs/index.xml
index f8444a4..f549465 100644
--- a/webapps/docs/index.xml
+++ b/webapps/docs/index.xml
@@ -149,9 +149,9 @@ are responsible for installing, configuring, and operating a Apache Tomcat 6 ser
- Complete documentation and HOWTOs on the JK native webserver connector,
used to interface Apache Tomcat with servers like Apache HTTPd, IIS
and others.</li>
-<li><a href="http://download.oracle.com/docs/cd/E17802_01/products/products/servlet/2.5/docs/servlet-2_5-mr2/">
+<li><a href="http://docs.oracle.com/cd/E17802_01/products/products/servlet/2.5/docs/servlet-2_5-mr2/">
<strong>Servlet API Javadocs</strong></a> - The Servlet 2.5 API Javadocs.</li>
-<li><a href="http://download.oracle.com/docs/cd/E17802_01/products/products/jsp/2.1/docs/jsp-2_1-pfd2/index.html">
+<li><a href="http://docs.oracle.com/cd/E17802_01/products/products/jsp/2.1/docs/jsp-2_1-pfd2/index.html">
<strong>JSP API Javadocs</strong></a> - The JSP 2.1 API Javadocs.</li>
</ul>
diff --git a/webapps/docs/jasper-howto.xml b/webapps/docs/jasper-howto.xml
index faa0062..b19353b 100644
--- a/webapps/docs/jasper-howto.xml
+++ b/webapps/docs/jasper-howto.xml
@@ -332,7 +332,7 @@ are automatically compiled as part of the build process.
</p>
<p>
-At the jasper2 task you can use the option <code>addWebXmlMappings</code> for
+At the jasper task you can use the option <code>addWebXmlMappings</code> for
automatic merge the <code>${webapp.path}/WEB-INF/generated_web.xml</code>
with the current web application deployment descriptor at
<code>${webapp.path}/WEB-INF/web.xml</code>. When you want to use Java 5
diff --git a/webapps/docs/jndi-datasource-examples-howto.xml b/webapps/docs/jndi-datasource-examples-howto.xml
index 9bed435..234c157 100644
--- a/webapps/docs/jndi-datasource-examples-howto.xml
+++ b/webapps/docs/jndi-datasource-examples-howto.xml
@@ -69,7 +69,7 @@ the section about Automatic Application Deployment in the latter reference.
<section name="DriverManager, the service provider mechanism and memory leaks">
<p><code>java.sql.DriverManager</code> supports the
-<a href="http://download.oracle.com/javase/6/docs/api/index.html?java/sql/DriverManager.html">service
+<a href="http://docs.oracle.com/javase/6/docs/api/index.html?java/sql/DriverManager.html">service
provider</a> mechanism. This feature is that all the available JDBC drivers
that announce themselves by providing a <code>META-INF/services/java.sql.Driver</code>
file are automatically discovered, loaded and registered,
diff --git a/webapps/docs/jndi-resources-howto.xml b/webapps/docs/jndi-resources-howto.xml
index e96de88..8a2b6fd 100644
--- a/webapps/docs/jndi-resources-howto.xml
+++ b/webapps/docs/jndi-resources-howto.xml
@@ -110,7 +110,7 @@ element:</p>
<li><a href="config/context.html#Resource Links"><ResourceLink></a> -
Add a link to a resource defined in the global JNDI context. Use resource
links to give a web application access to a resource defined in
- the<a href="config/globalresources.html"><GlobalNamingResources></a>
+ the <a href="config/globalresources.html"><GlobalNamingResources></a>
child element of the <a href="config/server.html"><Server></a>
element.</li>
<li><a href="config/context.html#Transaction"><Transaction></a> -
@@ -492,6 +492,17 @@ Transport.send(message);
Customize the value of the <code>mail.smtp.host</code> parameter to
point at the server that provides SMTP service for your network.</p>
+ <p>Additional resource attributes and values will be converted to properties
+ and values and passed to
+ <code>javax.mail.Session.getInstance(java.util.Properties)</code> as part of
+ the <code>java.util.Properties</code> collection. In addition to the
+ properties defined in Annex A of the JavaMail specification, individual
+ providers may also support additional properties.</p>
+
+ <p>Tomcat's resource factory provides a <code>password</code> property
+ which can be configured by adding <code>password="yourpassword"</code>
+ to the Resource definition.</p>
+
<h3>4. Install the JavaMail libraries</h3>
<p><a href="http://www.oracle.com/technetwork/java/index-138643.html">
@@ -544,7 +555,7 @@ Transport.send(message);
<ul>
<li><a href="http://java.sun.com/products/jdbc/">http://java.sun.com/products/jdbc/</a> -
Home page for information about Java Database Connectivity.</li>
- <li><a href="http://java.sun.com/j2se/1.3/docs/guide/jdbc/spec2/jdbc2.1.frame.html">http://java.sun.com/j2se/1.3/docs/guide/jdbc/spec2/jdbc2.1.frame.html</a> -
+ <li><a href="http://docs.oracle.com/javase/1.3/docs/guide/jdbc/spec2/jdbc2.1.frame.html">http://docs.oracle.com/javase/1.3/docs/guide/jdbc/spec2/jdbc2.1.frame.html</a> -
The JDBC 2.1 API Specification.</li>
<li><a href="http://java.sun.com/products/jdbc/jdbc20.stdext.pdf">http://java.sun.com/products/jdbc/jdbc20.stdext.pdf</a> -
The JDBC 2.0 Standard Extension API (including the
@@ -708,13 +719,13 @@ conn.close();
<ul>
<li><strong>timeBetweenEvictionRunsMillis</strong> - The number of
milliseconds between consecutive runs of the evictor.
- Default: 30*60*1000 (30 minutes)</li>
+ Default: -1 (disabled)</li>
<li><strong>numTestsPerEvictionRun</strong> - The number of connections
that will be checked for idleness by the evitor during each
run of the evictor. Default: 3</li>
<li><strong>minEvictableIdleTimeMillis</strong> - The idle time in
milliseconds after which a connection can be removed from the pool
- by the evictor. Default: -1 (disabled)</li>
+ by the evictor. Default: 30*60*1000 (30 minutes)</li>
<li><strong>testWhileIdle</strong> - true or false: whether a connection
should be validated by the evictor thread using the validation query
while sitting idle in the pool. Default: false</li>
diff --git a/webapps/docs/logging.xml b/webapps/docs/logging.xml
index c54ca96..27d6c52 100644
--- a/webapps/docs/logging.xml
+++ b/webapps/docs/logging.xml
@@ -375,7 +375,7 @@ java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
package.
</li>
<li>Oracle Java 6 Javadoc for the
- <a href="http://download.oracle.com/javase/6/docs/api/java/util/logging/package-summary.html"><code>java.util.logging</code></a>
+ <a href="http://docs.oracle.com/javase/6/docs/api/java/util/logging/package-summary.html"><code>java.util.logging</code></a>
package.
</li>
</ul>
diff --git a/webapps/docs/manager-howto.xml b/webapps/docs/manager-howto.xml
index cd94f87..63d91ed 100644
--- a/webapps/docs/manager-howto.xml
+++ b/webapps/docs/manager-howto.xml
@@ -119,7 +119,7 @@ appropriate role. Therefore, access to the Manager application is completely
disabled by default.</p>
<p>To enable access to the Manager web application, you must either create
-a new username/password combination and associate on of the manager roles with
+a new username/password combination and associate one of the manager roles with
it, or add a manager role to some existing username/password combination. There
are four roles defined by the manager application:</p>
<ul>
diff --git a/webapps/docs/monitoring.xml b/webapps/docs/monitoring.xml
index cabc183..5e2ffe5 100644
--- a/webapps/docs/monitoring.xml
+++ b/webapps/docs/monitoring.xml
@@ -45,8 +45,8 @@
<section name="Enabling JMX Remote">
<p>The Sun website includes the list of options and how to configure JMX Remote on Java 5:
- <a href="http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html">
- http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html</a>.
+ <a href="http://docs.oracle.com/javase/1.5.0/docs/guide/management/agent.html">
+ http://docs.oracle.com/javase/1.5.0/docs/guide/management/agent.html</a>.
</p>
<p>The following is a quick configuration guide for Java 5:</p>
<p>Add the following parameters to your Tomcat startup script:
@@ -90,7 +90,7 @@ controlRole tomcat
<section name="Manage Tomcat with JMX remote Ant Tasks">
<p>To simplify JMX usage with Ant 1.6.x, a set of tasks is provided that may
be used with antlib.</p>
- <p><b>antlib</b>Copy your catalina-ant.jar from $CATALINA_HOME/lib to $ANT_HOME/lib.</p>
+ <p><b>antlib</b>: Copy your catalina-ant.jar from $CATALINA_HOME/lib to $ANT_HOME/lib.</p>
<p>The following example shows the JMX Accessor usage:</p>
<table border="1">
<tr><td><p><pre>
@@ -193,7 +193,7 @@ controlRole tomcat
<p><b>import:</b> Import the JMX Accessor Project with
<em><import file="${CATALINA.HOME}/bin/catalina-tasks.xml" /></em> and
reference the tasks with <em>jmxOpen</em>, <em>jmxSet</em>, <em>jmxGet</em>,
- <em>jmxQuery</em>, <em>jmxInvoke</em>,<em>jmxEquals</em> and <em>jmxCondition</em>. </p>
+ <em>jmxQuery</em>, <em>jmxInvoke</em>, <em>jmxEquals</em> and <em>jmxCondition</em>.</p>
</section>
diff --git a/webapps/docs/realm-howto.xml b/webapps/docs/realm-howto.xml
index 8db283f..c8605a9 100644
--- a/webapps/docs/realm-howto.xml
+++ b/webapps/docs/realm-howto.xml
@@ -205,10 +205,10 @@ java org.apache.catalina.realm.RealmBase \
</ul>
<p>If using digested passwords with DIGEST authentication, the cleartext used
- to generate the digest is different. In the examples above
- <code>{cleartext-password}</code> must be replaced with
- <code>{username}:{realm}:{cleartext-password}</code>. For example, in a
- development environment this might take the form
+ to generate the digest is different and the digest must use the MD5
+ algorithm. In the examples above <code>{cleartext-password}</code> must be
+ replaced with <code>{username}:{realm}:{cleartext-password}</code>. For
+ example, in a development environment this might take the form
<code>testUser:Authentication required:testPassword</code>. The value for
<code>{realm}</code> is taken from the <code><realm-name></code>
element of the web application's <code><login-config></code>. If
@@ -688,9 +688,6 @@ the name of this attribute.</p>
<li>If required, configure a username and password for use by Tomcat, that has
read only access to the information described above. (Tomcat will
never attempt to modify this information.)</li>
-<li>Place a copy of the JNDI driver you will be using (typically
- <code>ldap.jar</code> available with JNDI) inside the
- <code>$CATALINA_HOME/lib</code> directory.</li>
<li>Set up a <code><Realm></code> element, as described below, in your
<code>$CATALINA_BASE/conf/server.xml</code> file.</li>
<li>Restart Tomcat 6 if it is already running.</li>
@@ -1048,9 +1045,9 @@ integration with the CMA as implemented by Tomcat.
<ol>
<li>Write your own LoginModule, User and Role classes based
on JAAS (see
-<a href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html">the
+<a href="http://docs.oracle.com/javase/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html">the
JAAS Authentication Tutorial</a> and
-<a href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/JAASLMDevGuide.html">the JAAS Login Module
+<a href="http://docs.oracle.com/javase/1.4.2/docs/guide/security/jaas/JAASLMDevGuide.html">the JAAS Login Module
Developer's Guide</a>) to be managed by the JAAS Login
Context (<code>javax.security.auth.login.LoginContext</code>)
When developing your LoginModule, note that JAASRealm's built-in <code>CallbackHandler</code>
@@ -1065,7 +1062,7 @@ Regardless, the first Principal returned is <em>always</em> treated as the user
<li>Place the compiled classes on Tomcat's classpath
</li>
<li>Set up a login.config file for Java (see <a
- href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/LoginConfigFile.html">JAAS
+ href="http://docs.oracle.com/javase/1.4.2/docs/guide/security/jaas/tutorials/LoginConfigFile.html">JAAS
LoginConfig file</a>) and tell Tomcat where to find it by specifying
its location to the JVM, for instance by setting the environment
variable: <code>JAVA_OPTS=$JAVA_OPTS -Djava.security.auth.login.config==$CATALINA_BASE/conf/jaas.config</code></li>
diff --git a/webapps/docs/security-manager-howto.xml b/webapps/docs/security-manager-howto.xml
index 6eb0932..151df74 100644
--- a/webapps/docs/security-manager-howto.xml
+++ b/webapps/docs/security-manager-howto.xml
@@ -154,7 +154,7 @@ permission java.io.FilePermission
This file completely replaces the <code>java.policy</code> file present
in your JDK system directories. The <code>catalina.policy</code> file
can be edited by hand, or you can use the
- <a href="http://java.sun.com/products/jdk/1.2/docs/tooldocs/solaris/policytool.html">policytool</a>
+ <a href="http://docs.oracle.com/javase/6/docs/technotes/guides/security/PolicyGuide.html">policytool</a>
application that comes with Java 1.2 or later.</p>
<p>Entries in the <code>catalina.policy</code> file use the standard
diff --git a/webapps/docs/ssi-howto.xml b/webapps/docs/ssi-howto.xml
index 3e8f5b2..5a02ee0 100644
--- a/webapps/docs/ssi-howto.xml
+++ b/webapps/docs/ssi-howto.xml
@@ -99,7 +99,7 @@ directives will expire. Default behaviour is for all SSI directives to be
evaluated for every request.</li>
<li><strong>isVirtualWebappRelative</strong> - Should "virtual" SSI directive
paths be interpreted as relative to the context root, instead of the server
-root? (0=false, 1=true) Default 0 (false).</li>
+root? Default false.</li>
<li><strong>inputEncoding</strong> - The encoding to be assumed for SSI
resources if one cannot be determined from the resource itself. Default is
the default platform encoding.</li>
@@ -129,7 +129,7 @@ directives will expire. Default behaviour is for all SSI directives to be
evaluated for every request.</li>
<li><strong>isVirtualWebappRelative</strong> - Should "virtual" SSI directive
paths be interpreted as relative to the context root, instead of the server
-root? (0=false, 1=true) Default 0 (false).</li>
+root? Default false.</li>
<li><strong>allowExec</strong> - Is the exec command enabled? Default is
false.</li>
</ul>
diff --git a/webapps/docs/tribes/tomcat-docs.xsl b/webapps/docs/tribes/tomcat-docs.xsl
index 78e6ec4..ffbf6f6 100644
--- a/webapps/docs/tribes/tomcat-docs.xsl
+++ b/webapps/docs/tribes/tomcat-docs.xsl
@@ -17,7 +17,7 @@
-->
<!-- Content Stylesheet for "tomcat-docs" Documentation -->
-<!-- $Id: tomcat-docs.xsl 1054623 2011-01-03 14:07:14Z rjung $ -->
+<!-- $Id: tomcat-docs.xsl 1226778 2012-01-03 13:37:20Z rjung $ -->
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
version="1.0">
@@ -182,7 +182,7 @@
<xsl:comment>PAGE FOOTER</xsl:comment>
<tr><td colspan="2">
<div align="center"><font color="{$body-link}" size="-1"><em>
- Copyright © 1999-2011, Apache Software Foundation
+ Copyright © 1999-2012, Apache Software Foundation
</em></font></div>
</td></tr>
diff --git a/webapps/docs/windows-service-howto.xml b/webapps/docs/windows-service-howto.xml
index 8d91740..1cf499b 100644
--- a/webapps/docs/windows-service-howto.xml
+++ b/webapps/docs/windows-service-howto.xml
@@ -108,10 +108,6 @@
<source>--Classpath=xx.jar</source>
</p>
<p> as command line parameter.</p>
- <p><strong>Note:</strong> PR_DEPENDSON, PR_ENVIRONMENT, PR_JVMOPTIONS,
- PR_JVMMS, PR_JVMMX, PR_JVMSS, PR_STARTPARAMS, PR_STOPPARAMS and
- PR_STOPTIMEOUT will not work until this bug is fixed:
- <a href="http://issues.apache.org/jira/browse/DAEMON-49">DAEMON-49</a></p>
<p>
<table>
<tr>
@@ -150,7 +146,9 @@
<td></td>
<td>List of environment variables that will be provided to the service
in the form <b>key=value</b>. They are separated using either
- <b>#</b> or <b>;</b> characters</td>
+ <b>#</b> or <b>;</b> characters. If you need to use either the <b>#</b>
+ or <b>;</b> character within a value then the entire value must be
+ enclosed inside single quotes.</td>
</tr>
<tr>
<td>--User</td>
diff --git a/webapps/examples/WEB-INF/classes/CookieExample.java b/webapps/examples/WEB-INF/classes/CookieExample.java
index 9b1858a..29661d1 100644
--- a/webapps/examples/WEB-INF/classes/CookieExample.java
+++ b/webapps/examples/WEB-INF/classes/CookieExample.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/* $Id: CookieExample.java 500674 2007-01-27 23:15:00Z markt $
+/* $Id: CookieExample.java 1345382 2012-06-01 22:53:14Z kkolinko $
*
*/
@@ -43,13 +43,12 @@ public class CookieExample extends HttpServlet {
PrintWriter out = response.getWriter();
out.println("<html>");
- out.println("<body bgcolor=\"white\">");
out.println("<head>");
String title = rb.getString("cookies.title");
out.println("<title>" + title + "</title>");
out.println("</head>");
- out.println("<body>");
+ out.println("<body bgcolor=\"white\">");
// relative links
diff --git a/webapps/examples/WEB-INF/classes/RequestHeaderExample.java b/webapps/examples/WEB-INF/classes/RequestHeaderExample.java
index ec7b8b7..9769c12 100644
--- a/webapps/examples/WEB-INF/classes/RequestHeaderExample.java
+++ b/webapps/examples/WEB-INF/classes/RequestHeaderExample.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/* $Id: RequestHeaderExample.java 500674 2007-01-27 23:15:00Z markt $
+/* $Id: RequestHeaderExample.java 1345382 2012-06-01 22:53:14Z kkolinko $
*
*/
@@ -43,13 +43,12 @@ public class RequestHeaderExample extends HttpServlet {
PrintWriter out = response.getWriter();
out.println("<html>");
- out.println("<body bgcolor=\"white\">");
out.println("<head>");
String title = rb.getString("requestheader.title");
out.println("<title>" + title + "</title>");
out.println("</head>");
- out.println("<body>");
+ out.println("<body bgcolor=\"white\">");
// all links relative
diff --git a/webapps/examples/WEB-INF/classes/RequestInfoExample.java b/webapps/examples/WEB-INF/classes/RequestInfoExample.java
index d6735be..098886f 100644
--- a/webapps/examples/WEB-INF/classes/RequestInfoExample.java
+++ b/webapps/examples/WEB-INF/classes/RequestInfoExample.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/* $Id: RequestInfoExample.java 500674 2007-01-27 23:15:00Z markt $
+/* $Id: RequestInfoExample.java 1345382 2012-06-01 22:53:14Z kkolinko $
*
*/
@@ -44,7 +44,6 @@ public class RequestInfoExample extends HttpServlet {
PrintWriter out = response.getWriter();
out.println("<html>");
- out.println("<body>");
out.println("<head>");
String title = rb.getString("requestinfo.title");
@@ -53,12 +52,12 @@ public class RequestInfoExample extends HttpServlet {
out.println("<body bgcolor=\"white\">");
// img stuff not req'd for source code html showing
- // all links relative!
+ // all links relative!
// XXX
// making these absolute till we work out the
// addition of a PathInfo issue
-
+
out.println("<a href=\"../reqinfo.html\">");
out.println("<img src=\"../images/code.gif\" height=24 " +
"width=24 align=right border=0 alt=\"view code\"></a>");
@@ -70,37 +69,36 @@ public class RequestInfoExample extends HttpServlet {
out.println("<table border=0><tr><td>");
out.println(rb.getString("requestinfo.label.method"));
out.println("</td><td>");
- out.println(request.getMethod());
+ out.println(HTMLFilter.filter(request.getMethod()));
out.println("</td></tr><tr><td>");
out.println(rb.getString("requestinfo.label.requesturi"));
- out.println("</td><td>");
+ out.println("</td><td>");
out.println(HTMLFilter.filter(request.getRequestURI()));
- out.println("</td></tr><tr><td>");
+ out.println("</td></tr><tr><td>");
out.println(rb.getString("requestinfo.label.protocol"));
- out.println("</td><td>");
- out.println(request.getProtocol());
+ out.println("</td><td>");
+ out.println(HTMLFilter.filter(request.getProtocol()));
out.println("</td></tr><tr><td>");
out.println(rb.getString("requestinfo.label.pathinfo"));
- out.println("</td><td>");
+ out.println("</td><td>");
out.println(HTMLFilter.filter(request.getPathInfo()));
out.println("</td></tr><tr><td>");
out.println(rb.getString("requestinfo.label.remoteaddr"));
+ out.println("</td><td>");
+ out.println(HTMLFilter.filter(request.getRemoteAddr()));
+ out.println("</td></tr>");
+
+ String cipherSuite=
+ (String)request.getAttribute("javax.servlet.request.cipher_suite");
+ if(cipherSuite!=null){
+ out.println("<tr><td>");
+ out.println("SSLCipherSuite:");
+ out.println("</td><td>");
+ out.println(HTMLFilter.filter(cipherSuite));
+ out.println("</td></tr>");
+ }
- String cipherSuite=
- (String)request.getAttribute("javax.servlet.request.cipher_suite");
- out.println("</td><td>");
- out.println(request.getRemoteAddr());
out.println("</table>");
-
- if(cipherSuite!=null){
- out.println("</td></tr><tr><td>");
- out.println("SSLCipherSuite:");
- out.println("</td>");
- out.println("<td>");
- out.println(request.getAttribute("javax.servlet.request.cipher_suite"));
- out.println("</td>");
- }
-
}
public void doPost(HttpServletRequest request,
diff --git a/webapps/examples/WEB-INF/classes/RequestParamExample.java b/webapps/examples/WEB-INF/classes/RequestParamExample.java
index 02f71ba..0520fd6 100644
--- a/webapps/examples/WEB-INF/classes/RequestParamExample.java
+++ b/webapps/examples/WEB-INF/classes/RequestParamExample.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/* $Id: RequestParamExample.java 500674 2007-01-27 23:15:00Z markt $
+/* $Id: RequestParamExample.java 1345382 2012-06-01 22:53:14Z kkolinko $
*
*/
@@ -44,7 +44,6 @@ public class RequestParamExample extends HttpServlet {
PrintWriter out = response.getWriter();
out.println("<html>");
- out.println("<body>");
out.println("<head>");
String title = rb.getString("requestparams.title");
diff --git a/webapps/examples/WEB-INF/classes/SessionExample.java b/webapps/examples/WEB-INF/classes/SessionExample.java
index 1b2c0b3..5bc48d3 100644
--- a/webapps/examples/WEB-INF/classes/SessionExample.java
+++ b/webapps/examples/WEB-INF/classes/SessionExample.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/* $Id: SessionExample.java 500674 2007-01-27 23:15:00Z markt $
+/* $Id: SessionExample.java 1345382 2012-06-01 22:53:14Z kkolinko $
*
*/
@@ -43,13 +43,12 @@ public class SessionExample extends HttpServlet {
PrintWriter out = response.getWriter();
out.println("<html>");
- out.println("<body bgcolor=\"white\">");
out.println("<head>");
String title = rb.getString("sessions.title");
out.println("<title>" + title + "</title>");
out.println("</head>");
- out.println("<body>");
+ out.println("<body bgcolor=\"white\">");
// img stuff not req'd for source code html showing
// relative links everywhere!
@@ -120,14 +119,11 @@ public class SessionExample extends HttpServlet {
out.println("</form>");
out.print("<p><a href=\"");
- out.print(response.encodeURL("SessionExample?dataname=foo&datavalue=bar"));
- out.println("\" >URL encoded </a>");
+ out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=foo&datavalue=bar")));
+ out.println("\" >URL encoded </a>");
out.println("</body>");
out.println("</html>");
-
- out.println("</body>");
- out.println("</html>");
}
public void doPost(HttpServletRequest request,
diff --git a/webapps/examples/jsp/cal/login.html b/webapps/examples/jsp/cal/login.html
index e601b17..a40bd49 100644
--- a/webapps/examples/jsp/cal/login.html
+++ b/webapps/examples/jsp/cal/login.html
@@ -39,7 +39,7 @@
</form>
<hr>
<font size=3 color="red"> Note: This application does not implement the complete
-functionality of a typical calendar application. It demostartes a way JSP can be
+functionality of a typical calendar application. It demonstrates a way JSP can be
used with html tables and forms.</font>
</center>
diff --git a/webapps/examples/jsp/jsp2/jspx/svgexample.html b/webapps/examples/jsp/jsp2/jspx/svgexample.html
index f6718fc..a2374ed 100644
--- a/webapps/examples/jsp/jsp2/jspx/svgexample.html
+++ b/webapps/examples/jsp/jsp2/jspx/svgexample.html
@@ -33,7 +33,7 @@
<p>
To execute this example, follow these steps:
<ol>
- <li>Download <a href="http://xml.apache.org/batik/index.html">Batik</a>,
+ <li>Download <a href="http://xmlgraphics.apache.org/batik/index.html">Apache Batik</a>,
or any other SVG viewer.</li>
<li>Copy the following URL:
<a href="http://localhost:8080/examples/jsp/jsp2/jspx/textRotate.jspx?name=JSPX">
diff --git a/webapps/examples/jsp/jsp2/jspx/textRotate.jspx b/webapps/examples/jsp/jsp2/jspx/textRotate.jspx
index 320ca1f..494ff3e 100644
--- a/webapps/examples/jsp/jsp2/jspx/textRotate.jspx
+++ b/webapps/examples/jsp/jsp2/jspx/textRotate.jspx
@@ -16,7 +16,7 @@
-->
<!--
- This example is based off the textRotate.svg example that comes
- - with Batik. The original example was written by Bill Haneman.
+ - with Apache Batik. The original example was written by Bill Haneman.
- This version by Mark Roth.
-->
<svg xmlns="http://www.w3.org/2000/svg"
diff --git a/webapps/host-manager/401.jsp b/webapps/host-manager/WEB-INF/jsp/401.jsp
similarity index 95%
rename from webapps/host-manager/401.jsp
rename to webapps/host-manager/WEB-INF/jsp/401.jsp
index 94627b0..ab6b627 100644
--- a/webapps/host-manager/401.jsp
+++ b/webapps/host-manager/WEB-INF/jsp/401.jsp
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Host Manager Application\"");
-%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
@@ -65,7 +62,7 @@
<li>The deprecated <tt>admin</tt> role should not be assigned to any
user.</li>
<li>Users with the <tt>admin-gui</tt> role should not be granted the
- <tt>manager-script</tt> role.</li>
+ <tt>admin-script</tt> role.</li>
<li>If the text interface is accessed through a browser (e.g. for testing
since this interface is intended for tools not humans) then the browser
must be closed afterwards to terminate the session.</li>
diff --git a/webapps/host-manager/403.jsp b/webapps/host-manager/WEB-INF/jsp/403.jsp
similarity index 96%
rename from webapps/host-manager/403.jsp
rename to webapps/host-manager/WEB-INF/jsp/403.jsp
index 5d7cc26..1950720 100644
--- a/webapps/host-manager/403.jsp
+++ b/webapps/host-manager/WEB-INF/jsp/403.jsp
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Host Manager Application\"");
-%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
@@ -80,7 +77,7 @@
<li>The deprecated <tt>admin</tt> role should not be assigned to any
user.</li>
<li>Users with the <tt>admin-gui</tt> role should not be granted the
- <tt>manager-script</tt> role.</li>
+ <tt>admin-script</tt> role.</li>
<li>If the text interface is accessed through a browser (e.g. for testing
since this interface is intended for tools not humans) then the browser
must be closed afterwards to terminate the session.</li>
diff --git a/webapps/host-manager/WEB-INF/web.xml b/webapps/host-manager/WEB-INF/web.xml
index 2befacf..debdf24 100644
--- a/webapps/host-manager/WEB-INF/web.xml
+++ b/webapps/host-manager/WEB-INF/web.xml
@@ -151,4 +151,13 @@
<role-name>admin</role-name>
</security-role>
+ <error-page>
+ <error-code>401</error-code>
+ <location>/WEB-INF/jsp/401.jsp</location>
+ </error-page>
+ <error-page>
+ <error-code>403</error-code>
+ <location>/WEB-INF/jsp/403.jsp</location>
+ </error-page>
+
</web-app>
diff --git a/webapps/manager/401.jsp b/webapps/manager/WEB-INF/jsp/401.jsp
similarity index 97%
rename from webapps/manager/401.jsp
rename to webapps/manager/WEB-INF/jsp/401.jsp
index a391373..ff9aefa 100644
--- a/webapps/manager/401.jsp
+++ b/webapps/manager/WEB-INF/jsp/401.jsp
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Manager Application\"");
-%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
diff --git a/webapps/manager/403.jsp b/webapps/manager/WEB-INF/jsp/403.jsp
similarity index 97%
rename from webapps/manager/403.jsp
rename to webapps/manager/WEB-INF/jsp/403.jsp
index 2882718..ebd81de 100644
--- a/webapps/manager/403.jsp
+++ b/webapps/manager/WEB-INF/jsp/403.jsp
@@ -14,9 +14,6 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%
- response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Manager Application\"");
-%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
diff --git a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
index abc9fb0..57ef63e 100644
--- a/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionDetail.jsp
@@ -42,7 +42,7 @@
<meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
<meta http-equiv="content-language" content="en"/>
<meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2011 the Apache Software Foundation"/>
+ <meta name="copyright" content="copyright 2005-2012 the Apache Software Foundation"/>
<meta name="robots" content="noindex,nofollow,noarchive"/>
<title>Sessions Administration: details for <%= currentSessionId %></title>
</head>
diff --git a/webapps/manager/WEB-INF/jsp/sessionsList.jsp b/webapps/manager/WEB-INF/jsp/sessionsList.jsp
index b44e3d4..60d6c24 100644
--- a/webapps/manager/WEB-INF/jsp/sessionsList.jsp
+++ b/webapps/manager/WEB-INF/jsp/sessionsList.jsp
@@ -38,7 +38,7 @@
<meta http-equiv="expires" content="0"/><!-- 0 is an invalid value and should be treated as 'now' -->
<meta http-equiv="content-language" content="en"/>
<meta name="author" content="Cedrik LIME"/>
- <meta name="copyright" content="copyright 2005-2011 the Apache Software Foundation"/>
+ <meta name="copyright" content="copyright 2005-2012 the Apache Software Foundation"/>
<meta name="robots" content="noindex,nofollow,noarchive"/>
<title>Sessions Administration for <%= JspHelper.escapeXml(path) %></title>
</head>
diff --git a/webapps/manager/WEB-INF/web.xml b/webapps/manager/WEB-INF/web.xml
index 78d9106..d612295 100644
--- a/webapps/manager/WEB-INF/web.xml
+++ b/webapps/manager/WEB-INF/web.xml
@@ -286,11 +286,11 @@
<error-page>
<error-code>401</error-code>
- <location>/401.jsp</location>
+ <location>/WEB-INF/jsp/401.jsp</location>
</error-page>
<error-page>
<error-code>403</error-code>
- <location>/403.jsp</location>
+ <location>/WEB-INF/jsp/403.jsp</location>
</error-page>
</web-app>
--
tomcat6 packaging
More information about the pkg-java-commits
mailing list