larryi 01/05/18 12:20:24
Modified: src/etc server.xml
src/share/org/apache/tomcat/modules/server
Ajp12Interceptor.java
src/share/org/apache/tomcat/util IntrospectionUtils.java
src/share/org/apache/tomcat/util/net PoolTcpEndpoint.java
Log:
Improve security by providing default bindings for Ajp connectors.
Submitted by: Andrey Kartashov
Revision Changes Path
1.75 +6 -0 jakarta-tomcat/src/etc/server.xml
Index: server.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/etc/server.xml,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -r1.74 -r1.75
--- server.xml 2001/04/21 19:33:10 1.74
+++ server.xml 2001/05/18 19:20:10 1.75
@@ -189,15 +189,21 @@
-->
<!-- Apache AJP12 support. This is also used to shut down tomcat.
+ Parameter "address" defines network interface this Interceptor
+ "binds" to. Delete it if you want to "bind" to all interfaces.
-->
<RequestInterceptor
className="org.apache.tomcat.modules.server.Ajp12Interceptor"
+ address="127.0.0.1"
port="8007" />
<!-- Apache AJP13 support (mod_jk)
+ Parameter "address" defines network interface this Interceptor
+ "binds" to. Delete it if you want to "bind" to all interfaces.
-->
<RequestInterceptor
className="org.apache.tomcat.modules.server.Ajp13Interceptor"
+ address="127.0.0.1"
port="8009" />
<!--
1.14 +1 -1
jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp12Interceptor.java
Index: Ajp12Interceptor.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Ajp12Interceptor.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- Ajp12Interceptor.java 2001/03/15 07:33:18 1.13
+++ Ajp12Interceptor.java 2001/05/18 19:20:14 1.14
@@ -119,7 +119,7 @@
if( address==null )
stopF.println( "" );
else
- stopF.println( address.toString() );
+ stopF.println( address.getHostAddress() );
if( secret !=null )
stopF.println( secret );
else
1.9 +16 -0
jakarta-tomcat/src/share/org/apache/tomcat/util/IntrospectionUtils.java
Index: IntrospectionUtils.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/IntrospectionUtils.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- IntrospectionUtils.java 2001/03/31 21:45:30 1.8
+++ IntrospectionUtils.java 2001/05/18 19:20:18 1.9
@@ -252,15 +252,31 @@
// match - find the type and invoke it
Class paramType=methods[i].getParameterTypes()[0];
Object params[]=new Object[1];
+
+ // Try a setFoo ( int )
if ("java.lang.Integer".equals( paramType.getName()) ||
"int".equals( paramType.getName())) {
try {
params[0]=new Integer(value);
} catch( NumberFormatException ex ) {ok=false;}
+
+ // Try a setFoo ( boolean )
} else if ("java.lang.Boolean".
equals( paramType.getName()) ||
"boolean".equals( paramType.getName())) {
params[0]=new Boolean(value);
+
+ // Try a setFoo ( InetAddress )
+ } else if ("java.net.InetAddress".
+ equals( paramType.getName())){
+ try{
+ params[0]= InetAddress.getByName(value);
+ }catch(UnknownHostException exc) {
+ d("Unable to resolve host name:" + value);
+ ok=false;
+ }
+
+ // Unknown type
} else {
d("Unknown type " + paramType.getName() );
}
1.11 +9 -4
jakarta-tomcat/src/share/org/apache/tomcat/util/net/PoolTcpEndpoint.java
Index: PoolTcpEndpoint.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/net/PoolTcpEndpoint.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- PoolTcpEndpoint.java 2001/04/21 18:12:19 1.10
+++ PoolTcpEndpoint.java 2001/05/18 19:20:22 1.11
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/net/PoolTcpEndpoint.java,v
1.10 2001/04/21 18:12:19 costin Exp $
- * $Revision: 1.10 $
- * $Date: 2001/04/21 18:12:19 $
+ * $Header:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/util/net/PoolTcpEndpoint.java,v
1.11 2001/05/18 19:20:22 larryi Exp $
+ * $Revision: 1.11 $
+ * $Date: 2001/05/18 19:20:22 $
*
* ====================================================================
*
@@ -264,7 +264,12 @@
running = false;
try {
// Need to create a connection to unlock the accept();
- Socket s=new Socket("127.0.0.1", port );
+ Socket s;
+ if (inet == null) {
+ s=new Socket("127.0.0.1", port );
+ }else{
+ s=new Socket(inet, port );
+ }
s.close();
// System.out.println("Closing socket " + port );
serverSocket.close(); // XXX?
