From 97920ed47815b1aeb31531469ba4f19b5dda94b2 Mon Sep 17 00:00:00 2001 From: markt Date: Fri, 14 May 2010 23:43:51 +0000 Subject: [PATCH] TCK failures: Fix remaining failures with APR/native and a security Manager git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@944518 13f79535-47bb-0310-9956-ffa450edef68 --- TOMCAT-7-RELEASE-PLAN.txt | 3 +- .../apache/catalina/core/StandardHostValve.java | 35 +++++++++++++++--- java/org/apache/tomcat/util/net/AprEndpoint.java | 42 ++++++++++++++++++++-- java/org/apache/tomcat/util/net/JIoEndpoint.java | 3 +- 4 files changed, 73 insertions(+), 10 deletions(-) diff --git a/TOMCAT-7-RELEASE-PLAN.txt b/TOMCAT-7-RELEASE-PLAN.txt index 7ee1ac460..d10967004 100644 --- a/TOMCAT-7-RELEASE-PLAN.txt +++ b/TOMCAT-7-RELEASE-PLAN.txt @@ -27,8 +27,7 @@ 3. Implement all the new Servlet 3 features NOTE: Status is based on a review of the specification, not the TCK tests - - Sections 1 to 15 - - Strict spec compliance requires deployment descriptor validation + - Done 4. Do an initial release (from trunk) - Create tc7.0.x\tags to hold release tags - Done diff --git a/java/org/apache/catalina/core/StandardHostValve.java b/java/org/apache/catalina/core/StandardHostValve.java index d0757a865..8b235f008 100644 --- a/java/org/apache/catalina/core/StandardHostValve.java +++ b/java/org/apache/catalina/core/StandardHostValve.java @@ -20,6 +20,8 @@ package org.apache.catalina.core; import java.io.IOException; +import java.security.AccessController; +import java.security.PrivilegedAction; import javax.servlet.DispatcherType; import javax.servlet.RequestDispatcher; @@ -126,8 +128,14 @@ final class StandardHostValve if( context.getLoader() != null ) { // Not started - it should check for availability first // This should eventually move to Engine, it's generic. - Thread.currentThread().setContextClassLoader - (context.getLoader().getClassLoader()); + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedAction pa = new PrivilegedSetTccl( + context.getLoader().getClassLoader()); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader + (context.getLoader().getClassLoader()); + } } if (request.isAsyncSupported()) { request.setAsyncSupported(context.getPipeline().isAsyncSupported()); @@ -155,8 +163,14 @@ final class StandardHostValve } // Restore the context classloader - Thread.currentThread().setContextClassLoader - (StandardHostValve.class.getClassLoader()); + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedAction pa = new PrivilegedSetTccl( + StandardHostValve.class.getClassLoader()); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader + (StandardHostValve.class.getClassLoader()); + } } @@ -449,5 +463,18 @@ final class StandardHostValve } + + private static class PrivilegedSetTccl implements PrivilegedAction { + private ClassLoader cl; + + PrivilegedSetTccl(ClassLoader cl) { + this.cl = cl; + } + + public Void run() { + Thread.currentThread().setContextClassLoader(cl); + return null; + } + } } diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java index 42774f987..c67cc76a8 100644 --- a/java/org/apache/tomcat/util/net/AprEndpoint.java +++ b/java/org/apache/tomcat/util/net/AprEndpoint.java @@ -17,10 +17,13 @@ package org.apache.tomcat.util.net; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.HashMap; import java.util.concurrent.RejectedExecutionException; +import org.apache.catalina.Globals; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; import org.apache.tomcat.jni.Address; @@ -36,6 +39,7 @@ import org.apache.tomcat.jni.SSLSocket; import org.apache.tomcat.jni.Socket; import org.apache.tomcat.jni.Status; + /** * APR tailored thread pool, providing the following services: *
    @@ -759,7 +763,29 @@ public class AprEndpoint extends AbstractEndpoint { */ protected boolean processSocket(long socket, SocketStatus status) { try { - getExecutor().execute(new SocketEventProcessor(socket, status)); + if (status == SocketStatus.OPEN || status == SocketStatus.STOP || + status == SocketStatus.TIMEOUT) { + SocketEventProcessor proc = + new SocketEventProcessor(socket, status); + ClassLoader loader = Thread.currentThread().getContextClassLoader(); + try { + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedAction pa = new PrivilegedSetTccl( + getClass().getClassLoader()); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader( + getClass().getClassLoader()); + } + getExecutor().execute(proc); + } finally { + if (Globals.IS_SECURITY_ENABLED) { + PrivilegedAction pa = new PrivilegedSetTccl(loader); + AccessController.doPrivileged(pa); + } else { + Thread.currentThread().setContextClassLoader(loader); + } + } } } catch (RejectedExecutionException x) { log.warn("Socket processing request was rejected for:"+socket,x); return false; @@ -1481,5 +1507,17 @@ public class AprEndpoint extends AbstractEndpoint { } - + private static class PrivilegedSetTccl implements PrivilegedAction { + + private ClassLoader cl; + + PrivilegedSetTccl(ClassLoader cl) { + this.cl = cl; + } + + public Void run() { + Thread.currentThread().setContextClassLoader(cl); + return null; + } + } } diff --git a/java/org/apache/tomcat/util/net/JIoEndpoint.java b/java/org/apache/tomcat/util/net/JIoEndpoint.java index 15f9453ef..28b3eb56c 100644 --- a/java/org/apache/tomcat/util/net/JIoEndpoint.java +++ b/java/org/apache/tomcat/util/net/JIoEndpoint.java @@ -542,8 +542,7 @@ public class JIoEndpoint extends AbstractEndpoint { protected ConcurrentLinkedQueue> waitingRequests = new ConcurrentLinkedQueue>(); - private static class PrivilegedSetTccl - implements PrivilegedAction { + private static class PrivilegedSetTccl implements PrivilegedAction { private ClassLoader cl; -- 2.11.0