• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
BZ1117821: Add sync to deal with parallel initialization of more than one SSL connector. Patch by Emmanuel Hugonnet.
  1. … 1 more file in changeset.
Typo submitted by Radim Hatlapatka.

More for BZ1078204: Use of + would empty the ciphers list. Submitted by Kabir Khan.
  1. … 1 more file in changeset.
More for 1078204: Fix issues with '+', submitted by Emmanuel Hugonnet.
More for 1078204: Add missing aliases and some debug, submitted by Emmanuel Hugonnet.
    • -0
    • +55
    ./java/org/apache/tomcat/util/net/jsse/JSSELogger.java
Add missing patch for CVE-2014-0119, although it is hard to tell if it can be used in AS.
  1. … 1 more file in changeset.
Port code cleanup from Tomcat for exception handling.
    • -0
    • +3
    ./java/org/jboss/web/CoyoteMessages.java
BZ1106492: -1 is set for timeout, but the endpoint then uses the main connection timeout. Use instead max int like for NIO2 after an upgrade.
Related to BZ1100491: Switch to the Tomcat websockets code for IO. With an added sync for text buffers.
    • -7
    • +0
    ./java/org/apache/tomcat/websocket/WsSession.java
Related to BZ1100491: Switch to the Tomcat style for IO writes with the NIO2 connector for better reliability and results. Avoid some deadlocks caused by excessive locking.
    • -0
    • +9
    ./java/org/apache/tomcat/util/net/NioChannel.java
Add a flag to return the full URI.
Port Tomcat patch: fix again executor configuration.
    • -0
    • +3
    ./java/org/jboss/web/WebsocketsMessages.java
BZ1100491: Cleanup (better looking sync).
Port patch from Tomcat: better URI handling.
BZ1104139: Tomcat sets an infinite timeout for IO on upgraded connections, so do the same.
Follow up on r2435: should do an initial notification when data is available.
BZ1100491: Add a little extra sync to avoid corruption, possibly caused by extra onWritePossible notifications.
- BZ1103596: Does not fix the real cause, but avoid loop.

- Improve on notifications and input.

[JBWEB-300] synchronize JSSESupport keySizeCache access
Port CVE-2014-0075: Avoid overflow and use bit shift instead.
Port fixes for CVE-2014-0119 (low) and CVE-2014-0096: Issue using global XSLT in the default servlet (not used in EAP), and leak issue using XML parsing in Jasper.
    • -0
    • +6
    ./java/org/jboss/web/CatalinaMessages.java
Port patch for CVE-2014-0099: Fix possible overflow when parsing long values from a byte array.
    • -13
    • +7
    ./java/org/apache/tomcat/util/buf/Ascii.java
Flip the default (no change besides that).
    • -2
    • +2
    ./java/org/apache/tomcat/websocket/Constants.java
    • -2
    • +2
    ./java/org/apache/tomcat/websocket/WsSession.java
Port Tomcat patch: catch possible ISE on write for clean handling.
- Rather than just reverting again, add a system property. The default is what it was before reverting it.

- Either way passes the TCK for me.

    • -4
    • +14
    ./java/org/apache/tomcat/websocket/WsSession.java
    • -0
    • +3
    ./java/org/apache/tomcat/websocket/Constants.java
Revert r2418 (useless extra sync).
Revert again. Besides cosmetics when using a closed session during the event processing, it doesn't cause any actual issues, but it could have side effects.
    • -2
    • +2
    ./java/org/apache/tomcat/websocket/WsSession.java
Sync process with event as some random behavior is still reported.
BZ1086399: Tentative plumbing for CDI support, submitted by Stuart Douglas.
    • -0
    • +30
    ./java/org/apache/tomcat/websocket/ClassIntrospecter.java
    • -0
    • +35
    ./java/org/apache/tomcat/websocket/InstanceFactory.java
    • -0
    • +9
    ./java/org/apache/tomcat/websocket/WsSession.java
    • -0
    • +40
    ./java/org/apache/tomcat/websocket/InstanceHandle.java
BZ1100486: Try again, make sure there's no keepalive after an upgraded connection processing.