ASF Bugzilla – Attachment 29331 Details for
Bug 53830
Better handling of Manager.randomFile default value on Windows
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
2012-09-05_tc55_53830_v2.patch
2012-09-05_tc55_53830_v2.patch (text/plain), 6.23 KB, created by
Konstantin Kolinko
on 2012-09-05 10:26:26 UTC
(
hide
)
Description:
2012-09-05_tc55_53830_v2.patch
Filename:
MIME Type:
Creator:
Konstantin Kolinko
Created:
2012-09-05 10:26:26 UTC
Size:
6.23 KB
patch
obsolete
>Index: container/catalina/src/share/org/apache/catalina/session/ManagerBase.java >=================================================================== >--- container/catalina/src/share/org/apache/catalina/session/ManagerBase.java (revision 1380959) >+++ container/catalina/src/share/org/apache/catalina/session/ManagerBase.java (working copy) >@@ -67,8 +67,20 @@ > > // ----------------------------------------------------- Instance Variables > >+ private static final String devRandomSourceDefault; >+ static { >+ // - Use the default value only if it is a Unix-like system >+ // - Check that it exists >+ File f = new File("/dev/urandom"); >+ if (f.isAbsolute() && f.exists()) { >+ devRandomSourceDefault = f.getPath(); >+ } else { >+ devRandomSourceDefault = null; >+ } >+ } >+ > protected DataInputStream randomIS=null; >- protected String devRandomSource="/dev/urandom"; >+ protected String devRandomSource = devRandomSourceDefault; > > /** > * The default message digest algorithm to use if we cannot use >@@ -220,32 +232,16 @@ > > > private class PrivilegedSetRandomFile implements PrivilegedAction{ >+ >+ private final String s; >+ > public PrivilegedSetRandomFile(String s) { >- devRandomSource = s; >+ this.s = s; > } > > public Object run(){ >- try { >- File f=new File( devRandomSource ); >- if( ! f.exists() ) return null; >- randomIS= new DataInputStream( new FileInputStream(f)); >- randomIS.readLong(); >- if( log.isDebugEnabled() ) >- log.debug( "Opening " + devRandomSource ); >- return randomIS; >- } catch (IOException ex){ >- log.warn("Error reading " + devRandomSource, ex); >- if (randomIS != null) { >- try { >- randomIS.close(); >- } catch (Exception e) { >- log.warn("Failed to close randomIS."); >- } >- } >- devRandomSource = null; >- randomIS=null; >- return null; >- } >+ doSetRandomFile(s); >+ return null; > } > } > >@@ -524,29 +520,50 @@ > // as a hack, you can use a static file - and generate the same > // session ids ( good for strange debugging ) > if (System.getSecurityManager() != null){ >- randomIS = (DataInputStream) AccessController >- .doPrivileged(new PrivilegedSetRandomFile(s)); >+ AccessController.doPrivileged(new PrivilegedSetRandomFile(s)); > } else { >- try{ >- devRandomSource=s; >- File f=new File( devRandomSource ); >- if( ! f.exists() ) return; >- randomIS= new DataInputStream( new FileInputStream(f)); >- randomIS.readLong(); >- if( log.isDebugEnabled() ) >- log.debug( "Opening " + devRandomSource ); >- } catch( IOException ex ) { >- log.warn("Error reading " + devRandomSource, ex); >- if (randomIS != null) { >- try { >- randomIS.close(); >- } catch (Exception e) { >- log.warn("Failed to close randomIS."); >- } >+ doSetRandomFile(s); >+ } >+ } >+ >+ private void doSetRandomFile(String s) { >+ DataInputStream is = null; >+ try { >+ if (s == null || s.length() == 0) { >+ return; >+ } >+ File f = new File(s); >+ if( ! f.exists() ) return; >+ if( log.isDebugEnabled() ) { >+ log.debug( "Opening " + s ); >+ } >+ is = new DataInputStream( new FileInputStream(f)); >+ is.readLong(); >+ } catch( IOException ex ) { >+ log.warn("Error reading " + s, ex); >+ if (is != null) { >+ try { >+ is.close(); >+ } catch (Exception ex2) { >+ log.warn("Failed to close " + s, ex2); > } >+ is = null; >+ } >+ } finally { >+ DataInputStream oldIS = randomIS; >+ if (is != null) { >+ devRandomSource = s; >+ } else { > devRandomSource = null; >- randomIS=null; > } >+ randomIS = is; >+ if (oldIS != null) { >+ try { >+ oldIS.close(); >+ } catch (Exception ex) { >+ log.warn("Failed to close RandomIS", ex); >+ } >+ } > } > } > >Index: container/webapps/docs/config/manager.xml >=================================================================== >--- container/webapps/docs/config/manager.xml (revision 1380959) >+++ container/webapps/docs/config/manager.xml (working copy) >@@ -157,6 +157,13 @@ > <code>java.security.SecureRandom</code>.</p> > </attribute> > >+ <attribute name="randomFile" required="false"> >+ <p>Name of a file that provides random data that are used to generate >+ session ids. If not specified, the default value is >+ <code>/dev/urandom</code> on Unix-like systems (those where such >+ file path is absolute) and empty on others.</p> >+ </attribute> >+ > <attribute name="sessionIdLength" required="false"> > <p>The length of session ids created by this Manager, excluding any > JVM route information used for load balancing. >@@ -263,6 +270,13 @@ > <code>java.security.SecureRandom</code>.</p> > </attribute> > >+ <attribute name="randomFile" required="false"> >+ <p>Name of a file that provides random data that are used to generate >+ session ids. If not specified, the default value is >+ <code>/dev/urandom</code> on Unix-like systems (those where such >+ file path is absolute) and empty on others.</p> >+ </attribute> >+ > <attribute name="saveOnRestart" required="false"> > <p>Should all sessions be persisted and reloaded when Tomcat is shut > down and restarted (or when this application is reloaded)? By default,
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=29331">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 53830
:
29329
|
29330
| 29331