TCK failures: Fix remaining failures with APR/native and a security Manager

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@944518 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/TOMCAT-7-RELEASE-PLAN.txt b/TOMCAT-7-RELEASE-PLAN.txt
index 7ee1ac4..d109670 100644 (file)
--- a/TOMCAT-7-RELEASE-PLAN.txt
+++ b/TOMCAT-7-RELEASE-PLAN.txt
@@ -27,8 +27,7 @@
 
 3. Implement all the new Servlet 3 features
    NOTE: Status is based on a review of the specification, not the TCK tests
-   - Sections 1 to 15
-   - Strict spec compliance requires deployment descriptor validation
+   - Done
 
 4. Do an initial release (from trunk)
    - Create tc7.0.x\tags to hold release tags - Done

diff --git a/java/org/apache/catalina/core/StandardHostValve.java b/java/org/apache/catalina/core/StandardHostValve.java
index d0757a8..8b235f0 100644 (file)
--- a/java/org/apache/catalina/core/StandardHostValve.java
+++ b/java/org/apache/catalina/core/StandardHostValve.java
@@ -20,6 +20,8 @@ package org.apache.catalina.core;
 
 
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import javax.servlet.DispatcherType;
 import javax.servlet.RequestDispatcher;
@@ -126,8 +128,14 @@ final class StandardHostValve
         if( context.getLoader() != null ) {
             // Not started - it should check for availability first
             // This should eventually move to Engine, it's generic.
-            Thread.currentThread().setContextClassLoader
-                    (context.getLoader().getClassLoader());
+            if (Globals.IS_SECURITY_ENABLED) {
+                PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+                        context.getLoader().getClassLoader());
+                AccessController.doPrivileged(pa);                
+            } else {
+                Thread.currentThread().setContextClassLoader
+                        (context.getLoader().getClassLoader());
+            }
         }
         if (request.isAsyncSupported()) {
             request.setAsyncSupported(context.getPipeline().isAsyncSupported());
@@ -155,8 +163,14 @@ final class StandardHostValve
         }
 
         // Restore the context classloader
-        Thread.currentThread().setContextClassLoader
-            (StandardHostValve.class.getClassLoader());
+        if (Globals.IS_SECURITY_ENABLED) {
+            PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+                    StandardHostValve.class.getClassLoader());
+            AccessController.doPrivileged(pa);                
+        } else {
+            Thread.currentThread().setContextClassLoader
+                    (StandardHostValve.class.getClassLoader());
+        }
 
     }
 
@@ -449,5 +463,18 @@ final class StandardHostValve
 
     }
 
+    
+    private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
 
+        private ClassLoader cl;
+
+        PrivilegedSetTccl(ClassLoader cl) {
+            this.cl = cl;
+        }
+
+        public Void run() {
+            Thread.currentThread().setContextClassLoader(cl);
+            return null;
+        }
+    }
 }

diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 42774f9..c67cc76 100644 (file)
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -17,10 +17,13 @@
 
 package org.apache.tomcat.util.net;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.concurrent.RejectedExecutionException;
 
+import org.apache.catalina.Globals;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.jni.Address;
@@ -36,6 +39,7 @@ import org.apache.tomcat.jni.SSLSocket;
 import org.apache.tomcat.jni.Socket;
 import org.apache.tomcat.jni.Status;
 
+
 /**
  * APR tailored thread pool, providing the following services:
  * <ul>
@@ -759,7 +763,29 @@ public class AprEndpoint extends AbstractEndpoint {
      */
     protected boolean processSocket(long socket, SocketStatus status) {
         try {
-            getExecutor().execute(new SocketEventProcessor(socket, status));
+            if (status == SocketStatus.OPEN || status == SocketStatus.STOP ||
+                    status == SocketStatus.TIMEOUT) {
+                SocketEventProcessor proc =
+                    new SocketEventProcessor(socket, status);
+                ClassLoader loader = Thread.currentThread().getContextClassLoader();
+                try {
+                    if (Globals.IS_SECURITY_ENABLED) {
+                        PrivilegedAction<Void> pa = new PrivilegedSetTccl(
+                                getClass().getClassLoader());
+                        AccessController.doPrivileged(pa);
+                    } else {
+                        Thread.currentThread().setContextClassLoader(
+                                getClass().getClassLoader());
+                    }                
+                    getExecutor().execute(proc);
+                } finally {
+                    if (Globals.IS_SECURITY_ENABLED) {
+                        PrivilegedAction<Void> pa = new PrivilegedSetTccl(loader);
+                        AccessController.doPrivileged(pa);
+                    } else {
+                        Thread.currentThread().setContextClassLoader(loader);
+                    }
+                }            }
         } catch (RejectedExecutionException x) {
             log.warn("Socket processing request was rejected for:"+socket,x);
             return false;
@@ -1481,5 +1507,17 @@ public class AprEndpoint extends AbstractEndpoint {
         
     }
     
-    
+    private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
+
+        private ClassLoader cl;
+
+        PrivilegedSetTccl(ClassLoader cl) {
+            this.cl = cl;
+        }
+
+        public Void run() {
+            Thread.currentThread().setContextClassLoader(cl);
+            return null;
+        }
+    }    
 }

diff --git a/java/org/apache/tomcat/util/net/JIoEndpoint.java b/java/org/apache/tomcat/util/net/JIoEndpoint.java
index 15f9453..28b3eb5 100644 (file)
--- a/java/org/apache/tomcat/util/net/JIoEndpoint.java
+++ b/java/org/apache/tomcat/util/net/JIoEndpoint.java
@@ -542,8 +542,7 @@ public class JIoEndpoint extends AbstractEndpoint {
     protected ConcurrentLinkedQueue<SocketWrapper<Socket>> waitingRequests =
         new ConcurrentLinkedQueue<SocketWrapper<Socket>>();
 
-    private static class PrivilegedSetTccl
-    implements PrivilegedAction<Void> {
+    private static class PrivilegedSetTccl implements PrivilegedAction<Void> {
 
         private ClassLoader cl;