tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53830] New: Better handling of Manager.randomFile default value on Windows
Date Wed, 05 Sep 2012 08:07:20 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53830

          Priority: P2
            Bug ID: 53830
          Assignee: dev@tomcat.apache.org
           Summary: Better handling of Manager.randomFile default value on
                    Windows
          Severity: normal
    Classification: Unclassified
                OS: Windows XP
          Reporter: knst.kolinko@gmail.com
          Hardware: PC
            Status: NEW
           Version: 6.0.35
         Component: Catalina
           Product: Tomcat 6

See the following thread on the users list:
"Windows Path Not Found for urandom", started on Aug 28, 2012
http://markmail.org/thread/l3f3meujmac2jzqp
http://marc.info/?t=134616742400004&r=1&w=2

This issue is specific to Tomcat 6 and earlier.
In Tomcat 7 the session id generation was reimplemented and this feature was
removed.

The default value of o.a.c.session.ManagerBase.devRandomSource is
"/dev/urandom".

1) The value is unsuitable for Windows, where the file does not exist.

I think it would be better to statically test the value once:
- File.isAbsolute(), to avoid looking for "C:\dev\urandom"
- File.exists()

2) On each call to ManagerBase.getRandomBytes(..) it tries to reopen the file
by calling setRandomFile(..).

There is try/catch(IOException) that clears the name and prevents subsequent
attempts to open the file, but it does not happen in case of simple
if(!f.exists()) return.

Stacktrace (from the mail thread, see details there):
[[[
Aug 29, 2012 11:52:29 AM org.apache.catalina.session.ManagerBase setRandomFile
WARNING: Error reading /dev/urandom
java.io.EOFException
        at java.io.DataInputStream.readFully(DataInputStream.java:180)
        at java.io.DataInputStream.readLong(DataInputStream.java:399)
        at
org.apache.catalina.session.ManagerBase.setRandomFile(ManagerBase.java:548)
        at
org.apache.catalina.session.ManagerBase.getRandomBytes(ManagerBase.java:993)
        at org.apache.catalina.session.ManagerBase.init(ManagerBase.java:767)
        at
org.apache.catalina.session.StandardManager.start(StandardManager.java:630)
        at
org.apache.catalina.core.ContainerBase.setManager(ContainerBase.java:446)
        at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4631)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601)
        at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:675)
        at
org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:601)
        at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:502)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1317)
        at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:324)
        at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1065)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
        at
org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1057)
        at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
        at
org.apache.catalina.core.StandardService.start(StandardService.java:525)
        at
org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
]]]

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message