geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Genender <jgenen...@apache.org>
Subject Re: PATCH from GERONIMO-2006
Date Tue, 23 May 2006 22:25:34 GMT
+1 from me.

David Jencks wrote:
> I'd like to apply the patch
> http://issues.apache.org/jira/secure/attachment/12334350/GERONIMO-2006.patch
> 
> 
> from http://issues.apache.org/jira/browse/GERONIMO-2006
> 
> It fixes a buffer overflow problem in tomcat (which presumably doesn't
> need a vote since it's a bug fix) and does some simple checks on the
> plan you supply to upgrade the plan if it is clearly a 1.0 plan.
> 
> here's my +1.  I'd like to know if it counts, see my separate post
> asking about this.
> 
> here's the text of the patch: again I'd like to know if this is required
> or if the link to the jira issue is sufficient.
> 
> Thanks
> david jencks
> 
> 
> Index: applications/console-standard/project.xml
> ===================================================================
> --- applications/console-standard/project.xml    (revision 407792)
> +++ applications/console-standard/project.xml    (working copy)
> @@ -92,6 +92,11 @@
>          </dependency>
>          <dependency>
>              <groupId>geronimo</groupId>
> +            <artifactId>geronimo-upgrade</artifactId>
> +            <version>${pom.currentVersion}</version>
> +        </dependency>
> +        <dependency>
> +            <groupId>geronimo</groupId>
>              <artifactId>geronimo-deploy-jsr88</artifactId>
>              <version>${pom.currentVersion}</version>
>          </dependency>
> Index:
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java
> 
> ===================================================================
> ---
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java
  
> (revision 0)
> +++
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java
  
> (revision 0)
> @@ -0,0 +1,41 @@
> +/**
> +*
> +* Copyright 2006 The Apache Software Foundation
> +*
> +*  Licensed under the Apache License, Version 2.0 (the "License");
> +*  you may not use this file except in compliance with the License.
> +*  You may obtain a copy of the License at
> +*
> +*     http://www.apache.org/licenses/LICENSE-2.0
> +*
> +*  Unless required by applicable law or agreed to in writing, software
> +*  distributed under the License is distributed on an "AS IS" BASIS,
> +*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
> implied.
> +*  See the License for the specific language governing permissions and
> +*  limitations under the License.
> +*/
> +package org.apache.geronimo.console.configmanager;
> +
> +import javax.servlet.ServletException;
> +import javax.servlet.http.HttpServlet;
> +import javax.servlet.http.HttpServletRequest;
> +import javax.servlet.http.HttpServletResponse;
> +import java.io.IOException;
> +
> +/**
> +* Servlet that lets you download a migrated plan
> +*
> +* @version $Rev$ $Date$
> +*/
> +public class PlanExportServlet extends HttpServlet {
> +   protected void doPost(HttpServletRequest request,
> HttpServletResponse response) throws ServletException, IOException {
> +       String migratedPlan = request.getParameter("migratedPlan");
> +       if (migratedPlan == null) {
> +           response.sendError(HttpServletResponse.SC_BAD_REQUEST);
> +       } else {
> +           response.setContentType("application/x-unknown");
> +           response.addHeader("Content-Disposition", "attachment;
> filename=migrated-plan.xml");
> +           response.getOutputStream().write(migratedPlan.getBytes());
> +       }
> +   }
> +}
> 
> Property changes on:
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/PlanExportServlet.java
> 
> ___________________________________________________________________
> Name: svn:mime-type
>    + text/plain
> Name: svn:keywords
>    + Date Author Id Revision HeadURL
> Name: svn:eol-style
>    + native
> 
> Index:
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java
> 
> ===================================================================
> ---
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java
  
> (revision 407792)
> +++
> applications/console-standard/src/java/org/apache/geronimo/console/configmanager/DeploymentPortlet.java
  
> (working copy)
> @@ -17,8 +17,11 @@
> package org.apache.geronimo.console.configmanager;
> +import java.io.ByteArrayInputStream;
> import java.io.File;
> +import java.io.FileInputStream;
> import java.io.IOException;
> +import java.io.StringWriter;
> import java.util.Iterator;
> import java.util.List;
> import java.util.ArrayList;
> @@ -34,6 +37,9 @@
> import javax.portlet.PortletRequestDispatcher;
> import javax.portlet.RenderRequest;
> import javax.portlet.RenderResponse;
> +import javax.xml.parsers.DocumentBuilder;
> +import javax.xml.parsers.DocumentBuilderFactory;
> +
> import org.apache.commons.fileupload.FileItem;
> import org.apache.commons.fileupload.FileUploadException;
> import org.apache.commons.fileupload.disk.DiskFileItemFactory;
> @@ -43,17 +49,21 @@
> import org.apache.geronimo.deployment.plugin.ConfigIDExtractor;
> import org.apache.geronimo.common.DeploymentException;
> import org.apache.geronimo.kernel.repository.Artifact;
> +import org.apache.geronimo.upgrade.Upgrade1_0To1_1;
> +import org.w3c.dom.Document;
> public class DeploymentPortlet extends BasePortlet {
> +    private static final String DEPLOY_VIEW          =
> "/WEB-INF/view/configmanager/deploy.jsp";
> +    private static final String HELP_VIEW            =
> "/WEB-INF/view/configmanager/deployHelp.jsp";
> +    private static final String MIGRATED_PLAN_PARM   = "migratedPlan";
> +    private static final String ORIGINAL_PLAN_PARM   = "originalPlan";
> +    private static final String FULL_STATUS_PARM     =
> "fullStatusMessage";
> +    private static final String ABBR_STATUS_PARM     =
> "abbrStatusMessage";
>      private PortletRequestDispatcher deployView;
> -
>      private PortletRequestDispatcher helpView;
> -    private boolean messageNotRendered = true;
> -
>      public void processAction(ActionRequest actionRequest,
>                                ActionResponse actionResponse) throws
> PortletException, IOException {
> -        messageNotRendered = true;
>          if (!PortletFileUpload.isMultipartContent(actionRequest)) {
>              throw new PortletException("Expected file upload");
>          }
> @@ -107,6 +117,7 @@
>              throw new PortletException(e);
>          }
>          DeploymentFactoryManager dfm =
> DeploymentFactoryManager.getInstance();
> +        FileInputStream fis = null;
>          try {
>              DeploymentManager mgr =
> dfm.getDeploymentManager("deployer:geronimo:inVM", null, null);
>              try {
> @@ -128,23 +139,58 @@
>                  while(progress.getDeploymentStatus().isRunning()) {
>                      Thread.sleep(100);
>                  }
> -
> +
> +                String abbrStatusMessage;
> +                String fullStatusMessage = null;
>                  if(progress.getDeploymentStatus().isCompleted()) {
> -                    String message = "The application was successfully
> "+(isRedeploy ? "re" : "")+"deployed.<br/>";
> +                    abbrStatusMessage = "The application was
> successfully "+(isRedeploy ? "re" : "")+"deployed.<br/>";
>                      // start installed app/s
>                      if (!isRedeploy && startApp != null &&
> !startApp.equals("")) {
>                          progress =
> mgr.start(progress.getResultTargetModuleIDs());
>                         
> while(progress.getDeploymentStatus().isRunning()) {
>                              Thread.sleep(100);
>                          }
> -                        message+="The application was successfully
> started";
> +                        abbrStatusMessage+="The application was
> successfully started";
>                      }
> -                    actionResponse.setRenderParameter("outcome",message);
>                  } else {
> -                    actionResponse.setRenderParameter("outcome",
> "Deployment failed: "+progress.getDeploymentStatus().getMessage());
> +                    fullStatusMessage =
> progress.getDeploymentStatus().getMessage();
> +                    // for the abbreviated status message clip off
> everything
> +                    // after the first line, which in most cases means
> the gnarly stacktrace
> +                    abbrStatusMessage = "Deployment failed:<br/>"
> +                                      + fullStatusMessage.substring(0,
> fullStatusMessage.indexOf('\n'));
> +                    // try to provide an upgraded version of the plan
> +                    try {
> +                        if (planFile != null && planFile.exists()) {
> +                            byte[] plan = new byte[(int)
> planFile.length()];
> +                            fis = new FileInputStream(planFile);
> +                            fis.read(plan);
> +                            DocumentBuilder documentBuilder =
> DocumentBuilderFactory.newInstance().newDocumentBuilder();
> +                            Document doc = documentBuilder.parse(new
> ByteArrayInputStream(plan));
> +                            // v1.1 switched from configId to moduleId
> +                            String configId =
> doc.getDocumentElement().getAttribute("configId");
> +                            if (configId != null &&
> !("".equals(configId))) {
> +                                StringWriter sw = new StringWriter();
> +                                new Upgrade1_0To1_1().upgrade(new
> ByteArrayInputStream(plan), sw);
> +                                // have to store the original and
> upgraded plans in the session
> +                                // because the buffer size for render
> parameters is sometimes not
> +                                // big enough
> +                               
> actionRequest.getPortletSession().setAttribute(MIGRATED_PLAN_PARM,
> sw.getBuffer());
> +                               
> actionRequest.getPortletSession().setAttribute(ORIGINAL_PLAN_PARM, new
> String(plan));
> +                            }
> +                        }
> +                    } catch (Exception e) {
> +                        // cannot provide a migrated plan in this case,
> most likely
> +                        // because the deployment plan would not parse.
> a valid
> +                        // status message has already been provided in
> this case
> +                    }
>                  }
> +                // have to store the status messages in the portlet
> session
> +                // because the buffer size for render parameters is
> sometimes not big enough
> +               
> actionRequest.getPortletSession().setAttribute(FULL_STATUS_PARM,
> fullStatusMessage);
> +               
> actionRequest.getPortletSession().setAttribute(ABBR_STATUS_PARM,
> abbrStatusMessage);
>              } finally {
>                  mgr.release();
> +                if (fis!=null) fis.close();
>              }
>          } catch (Exception e) {
>              throw new PortletException(e);
> @@ -184,14 +230,24 @@
>      protected void doView(RenderRequest renderRequest,
>                            RenderResponse renderResponse) throws
> PortletException, IOException {
> -        if (messageNotRendered) {
> -            renderRequest.setAttribute("outcome", renderRequest
> -                    .getParameter("outcome"));
> -            messageNotRendered = false;
> -        }
> +        // The deployment plans and messages from the deployers
> sometime exceeds
> +        // the buffer size for render attributes. To avoid the buffer
> +        // overrun the render attributes are temporarily stored in the
> portlet
> +        // session during the processAction phase and then copied into
> render
> +        // attributes here so the JSP has easier access to them. This
> seems
> +        // to only be an issue on tomcat.
> +        copyRenderAttribute(renderRequest, FULL_STATUS_PARM);
> +        copyRenderAttribute(renderRequest, ABBR_STATUS_PARM);
> +        copyRenderAttribute(renderRequest, MIGRATED_PLAN_PARM);
> +        copyRenderAttribute(renderRequest, ORIGINAL_PLAN_PARM);
>          deployView.include(renderRequest, renderResponse);
> -        // clear previous message for next rendering
>      }
> +
> +    private void copyRenderAttribute(RenderRequest renderRequest,
> String attr) {
> +        Object value =
> renderRequest.getPortletSession().getAttribute(attr);
> +        renderRequest.getPortletSession().removeAttribute(attr);
> +        renderRequest.setAttribute(attr, value);
> +    }
>      protected void doHelp(RenderRequest renderRequest,
>                            RenderResponse renderResponse) throws
> PortletException, IOException {
> @@ -200,8 +256,8 @@
>      public void init(PortletConfig portletConfig) throws
> PortletException {
>          super.init(portletConfig);
> -        deployView =
> portletConfig.getPortletContext().getRequestDispatcher("/WEB-INF/view/configmanager/deploy.jsp");
> 
> -        helpView =
> portletConfig.getPortletContext().getRequestDispatcher("/WEB-INF/view/configmanager/deployHelp.jsp");
> 
> +        deployView =
> portletConfig.getPortletContext().getRequestDispatcher(DEPLOY_VIEW);
> +        helpView =
> portletConfig.getPortletContext().getRequestDispatcher(HELP_VIEW);
>      }
>      public void destroy() {
> Index:
> applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp
> 
> ===================================================================
> ---
> applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp   
> (revision 407792)
> +++
> applications/console-standard/src/webapp/WEB-INF/view/configmanager/deploy.jsp   
> (working copy)
> @@ -1,9 +1,67 @@
> -<%@ page import="java.io.PrintWriter"%>
> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
> <%@ taglib uri="http://java.sun.com/portlet" prefix="portlet"%>
> <portlet:defineObjects/>
> -<c:if test="${! outcome}"><pre>${outcome}</pre></c:if>
> +<script>
> +// toggle the display state of an element
> +function <portlet:namespace/>toggleDisplay(id) {
> +  var element = document.getElementById("<portlet:namespace/>"+id);
> +  if (element.style.display == 'inline') {
> +      element.style.display='none';
> +  } else {
> +      element.style.display='inline';
> +  }
> +}
> +</script>
> +
> +<!-- Abbreviated status message -->
> +<c:if test="${!(empty abbrStatusMessage)}">
> +    <div id="<portlet:namespace/>abbrStatusMessage"
> style="display:inline">
> +     ${abbrStatusMessage}<br/>
> +    <c:if test="${!(empty fullStatusMessage)}">
> +    <button
> onclick="<portlet:namespace/>toggleDisplay('fullStatusMessage');<portlet:namespace/>toggleDisplay('abbrStatusMessage');return
> false;">Show full details</button>
> +    </c:if>
> +    </div>
> +</c:if>
> +<!-- Full status message -->
> +<c:if test="${!(empty fullStatusMessage)}">
> +    <div id="<portlet:namespace/>fullStatusMessage" style="display:none">
> +    <pre>
> +<c:out escapeXml="true" value="${fullStatusMessage}"/>
> +    </pre>
> +    </div>
> +</c:if>
> +
> +<P/>
> +
> +<!-- Migrated Plan -->
> +<c:if test="${!(empty migratedPlan)}">
> +<hr/><br/>
> +The deployment plan you provided appears to be for a previous version of
> +the application server.
> +A migrated version of your plan is provided below for your
> convenience.  Not all
> +deployment plans can be fully migrated so some manual editing may be
> required
> +before the migrated plan can be deployed.
> +<p/>
> +<div id="<portlet:namespace/>migratedPlan" style="display:inline">
> +Migrated plan:
> +<form method="POST" action="/console/plan-export">
> +    <textarea name="migratedPlan" rows=10 cols=80><c:out
> escapeXml="true" value="${migratedPlan}"/></textarea>
> +    <br/>
> +    <button
> onclick="<portlet:namespace/>toggleDisplay('originalPlan');<portlet:namespace/>toggleDisplay('migratedPlan');return
> false;">Show original plan</button>
> +    <input type="submit" value="Save this plan locally"/>
> +</form>
> +</div>
> +<div id="<portlet:namespace/>originalPlan" style="display:none">
> +Original plan:
> +<form>
> +    <textarea rows=10 cols=80><c:out escapeXml="true"
> value="${originalPlan}"/></textarea><br/>
> +    <button
> onclick="<portlet:namespace/>toggleDisplay('migratedPlan');<portlet:namespace/>toggleDisplay('originalPlan');return
> false;">Show Migrated plan</button>
> +</form>
> +</div>
> +<br/><hr/><br/>
> +</c:if>
> +
> <form enctype="multipart/form-data" method="POST"
> action="<portlet:actionURL><portlet:param name="action"
> value="deploy"/></portlet:actionURL>">
> <table>
>    <tr><th align="right">Archive: </th><td><input type="file"
> name="module" /></td></tr>
> Index: applications/console-standard/src/webapp/WEB-INF/web.xml
> ===================================================================
> --- applications/console-standard/src/webapp/WEB-INF/web.xml   
> (revision 407792)
> +++ applications/console-standard/src/webapp/WEB-INF/web.xml    (working
> copy)
> @@ -763,6 +763,11 @@
>    <servlet-name>maven-repo</servlet-name>
>   
> <servlet-class>org.apache.geronimo.console.car.GeronimoAsMavenServlet</servlet-class>
> 
> </servlet>
> +<servlet>
> +  <display-name>Plan Export Servlet</display-name>
> +  <servlet-name>plan-export</servlet-name>
> + 
> <servlet-class>org.apache.geronimo.console.configmanager.PlanExportServlet</servlet-class>
> 
> +</servlet>
> <servlet-mapping>
>    <servlet-name>dwr-invoker</servlet-name>
> @@ -776,6 +781,10 @@
>    <servlet-name>maven-repo</servlet-name>
>    <url-pattern>/maven-repo/*</url-pattern>
> </servlet-mapping>
> +<servlet-mapping>
> +  <servlet-name>plan-export</servlet-name>
> +  <url-pattern>/plan-export</url-pattern>
> +</servlet-mapping>
> Index: applications/console-framework/src/webapp/WEB-INF/web.xml
> ===================================================================
> --- applications/console-framework/src/webapp/WEB-INF/web.xml   
> (revision 407792)
> +++ applications/console-framework/src/webapp/WEB-INF/web.xml   
> (working copy)
> @@ -71,6 +71,20 @@
>             <param-value>/graphs</param-value>
>          </init-param>
>      </servlet>
> +
> +    <servlet>
> +        <display-name>Plan Export Forward Servlet</display-name>
> +        <servlet-name>plan-export-forward</servlet-name>
> +       
> <servlet-class>org.apache.geronimo.console.servlet.ContextForwardServlet</servlet-class>
> 
> +        <init-param>
> +           <param-name>context-path</param-name>
> +           <param-value>/console-standard</param-value>
> +        </init-param>
> +        <init-param>
> +           <param-name>servlet-path</param-name>
> +           <param-value>/plan-export</param-value>
> +        </init-param>
> +    </servlet>
>      <servlet-mapping>
>          <servlet-name>se-console</servlet-name>
> @@ -92,6 +106,10 @@
>          <servlet-name>svg-forward</servlet-name>
>          <url-pattern>/graphs/*</url-pattern>
>      </servlet-mapping>
> +    <servlet-mapping>
> +        <servlet-name>plan-export-forward</servlet-name>
> +        <url-pattern>/plan-export</url-pattern>
> +    </servlet-mapping>
>      <security-constraint>
>          <web-resource-collection>
> Index: configs/console-tomcat/project.xml
> ===================================================================
> --- configs/console-tomcat/project.xml    (revision 407792)
> +++ configs/console-tomcat/project.xml    (working copy)
> @@ -146,6 +146,14 @@
>          </dependency>
>          <dependency>
>              <groupId>geronimo</groupId>
> +            <artifactId>geronimo-upgrade</artifactId>
> +            <version>${geronimo_version}</version>
> +            <properties>
> +                <geronimo.dependency>true</geronimo.dependency>
> +            </properties>
> +        </dependency>
> +        <dependency>
> +            <groupId>geronimo</groupId>
>              <artifactId>geronimo-management</artifactId>
>              <version>${geronimo_version}</version>
>              <properties>
> Index: configs/console-jetty/project.xml
> ===================================================================
> --- configs/console-jetty/project.xml    (revision 407792)
> +++ configs/console-jetty/project.xml    (working copy)
> @@ -146,6 +146,14 @@
>          </dependency>
>          <dependency>
>              <groupId>geronimo</groupId>
> +            <artifactId>geronimo-upgrade</artifactId>
> +            <version>${geronimo_version}</version>
> +            <properties>
> +                <geronimo.dependency>true</geronimo.dependency>
> +            </properties>
> +        </dependency>
> +        <dependency>
> +            <groupId>geronimo</groupId>
>              <artifactId>geronimo-management</artifactId>
>              <version>${geronimo_version}</version>
>              <properties>

Mime
View raw message