ASF Bugzilla – Attachment 29329 Details for
Bug 53830
Better handling of Manager.randomFile default value on Windows
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
2012-09-05_tc6_53830.patch
2012-09-05_tc6_53830.patch (text/plain), 5.30 KB, created by
Konstantin Kolinko
on 2012-09-05 09:05:29 UTC
(
hide
)
Description:
2012-09-05_tc6_53830.patch
Filename:
MIME Type:
Creator:
Konstantin Kolinko
Created:
2012-09-05 09:05:29 UTC
Size:
5.30 KB
patch
obsolete
>Index: java/org/apache/catalina/session/ManagerBase.java >=================================================================== >--- java/org/apache/catalina/session/ManagerBase.java (revision 1381037) >+++ java/org/apache/catalina/session/ManagerBase.java (working copy) >@@ -75,8 +75,20 @@ > > // ----------------------------------------------------- Instance Variables > >+ private static final String devRandomSourceDefault; >+ static { >+ // - Use the default value only if it is a Unix-like system >+ // - Check that it exists >+ File f = new File("/dev/urandom"); >+ if (f.isAbsolute() && f.exists()) { >+ devRandomSourceDefault = f.getPath(); >+ } else { >+ devRandomSourceDefault = null; >+ } >+ } >+ > protected DataInputStream randomIS=null; >- protected String devRandomSource="/dev/urandom"; >+ protected String devRandomSource = devRandomSourceDefault; > > /** > * The default message digest algorithm to use if we cannot use >@@ -238,34 +250,17 @@ > > > private class PrivilegedSetRandomFile >- implements PrivilegedAction<DataInputStream>{ >- >+ implements PrivilegedAction<Void>{ >+ >+ private final String s; >+ > public PrivilegedSetRandomFile(String s) { >- devRandomSource = s; >+ this.s = s; > } >- >- public DataInputStream run(){ >- try { >- File f=new File( devRandomSource ); >- if( ! f.exists() ) return null; >- randomIS= new DataInputStream( new FileInputStream(f)); >- randomIS.readLong(); >- if( log.isDebugEnabled() ) >- log.debug( "Opening " + devRandomSource ); >- return randomIS; >- } catch (IOException ex){ >- log.warn("Error reading " + devRandomSource, ex); >- if (randomIS != null) { >- try { >- randomIS.close(); >- } catch (Exception e) { >- log.warn("Failed to close randomIS."); >- } >- } >- devRandomSource = null; >- randomIS=null; >- return null; >- } >+ >+ public Void run(){ >+ doSetRandomFile(s); >+ return null; > } > } > >@@ -544,27 +539,41 @@ > // as a hack, you can use a static file - and generate the same > // session ids ( good for strange debugging ) > if (Globals.IS_SECURITY_ENABLED){ >- randomIS = AccessController.doPrivileged(new PrivilegedSetRandomFile(s)); >+ AccessController.doPrivileged(new PrivilegedSetRandomFile(s)); > } else { >- try{ >- devRandomSource=s; >- File f=new File( devRandomSource ); >- if( ! f.exists() ) return; >- randomIS= new DataInputStream( new FileInputStream(f)); >- randomIS.readLong(); >- if( log.isDebugEnabled() ) >- log.debug( "Opening " + devRandomSource ); >- } catch( IOException ex ) { >- log.warn("Error reading " + devRandomSource, ex); >- if (randomIS != null) { >- try { >- randomIS.close(); >- } catch (Exception e) { >- log.warn("Failed to close randomIS."); >- } >+ doSetRandomFile(s); >+ } >+ } >+ >+ private void doSetRandomFile(String s) { >+ if (s == null || s.length() == 0) { >+ return; >+ } >+ DataInputStream is = null; >+ try{ >+ File f = new File(s); >+ if( ! f.exists() ) return; >+ if( log.isDebugEnabled() ) { >+ log.debug( "Opening " + s ); >+ } >+ is = new DataInputStream( new FileInputStream(f)); >+ is.readLong(); >+ } catch( IOException ex ) { >+ log.warn("Error reading " + s, ex); >+ if (is != null) { >+ try { >+ is.close(); >+ } catch (Exception e) { >+ log.warn("Failed to close " + s); > } >+ is = null; >+ } >+ } finally { >+ if (is != null) { >+ randomIS = is; >+ devRandomSource = s; >+ } else { > devRandomSource = null; >- randomIS=null; > } > } > } >Index: webapps/docs/config/manager.xml >=================================================================== >--- webapps/docs/config/manager.xml (revision 1381037) >+++ webapps/docs/config/manager.xml (working copy) >@@ -157,6 +157,13 @@ > <code>java.security.SecureRandom</code>.</p> > </attribute> > >+ <attribute name="randomFile" required="false"> >+ <p>Name of a file that provides random data that are used to generate >+ session ids. If not specified, the default value is >+ <code>/dev/urandom</code> on Unix-like systems (those where such >+ file path is absolute) and empty on others.</p> >+ </attribute> >+ > <attribute name="sessionIdLength" required="false"> > <p>The length of session ids created by this Manager, measured in bytes, > excluding subsequent conversion to a hexadecimal string and
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=29329">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 53830
:
29329
|
29330
|
29331