Projects
openEuler:Mainline
tomcat
_service:tar_scm:CVE-2020-1938-1.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:CVE-2020-1938-1.patch of Package tomcat
From 0e8a50f0a5958744bea1fd6768c862e04d3b7e75 Mon Sep 17 00:00:00 2001 From: Mark Thomas <markt@apache.org> Date: Tue, 21 Jan 2020 13:02:13 +0000 Subject: [PATCH] Change the default bind address for AJP to the loopback address --- java/org/apache/coyote/ajp/AbstractAjpProtocol.java | 4 ++++ webapps/docs/changelog.xml | 4 ++++ webapps/docs/config/ajp.xml | 5 +---- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/ajp/AbstractAjpProtocol.java b/java/org/apache/coyote/ajp/AbstractAjpProtocol.java index 2500abd7ad..8e0593b771 100644 --- a/java/org/apache/coyote/ajp/AbstractAjpProtocol.java +++ b/java/org/apache/coyote/ajp/AbstractAjpProtocol.java @@ -16,6 +16,8 @@ */ package org.apache.coyote.ajp; +import java.net.InetAddress; + import org.apache.coyote.AbstractProtocol; import org.apache.coyote.Processor; import org.apache.coyote.UpgradeProtocol; @@ -46,6 +48,8 @@ public AbstractAjpProtocol(AbstractEndpoint<S,?> endpoint) { setConnectionTimeout(Constants.DEFAULT_CONNECTION_TIMEOUT); // AJP does not use Send File getEndpoint().setUseSendfile(false); + // AJP listens on loopback by default + getEndpoint().setAddress(InetAddress.getLoopbackAddress()); ConnectionHandler<S> cHandler = new ConnectionHandler<>(this); setHandler(cHandler); getEndpoint().setHandler(cHandler); diff --git a/webapps/docs/config/ajp.xml b/webapps/docs/config/ajp.xml index c70af91eae..5535a062e7 100644 --- a/webapps/docs/config/ajp.xml +++ b/webapps/docs/config/ajp.xml @@ -308,10 +308,7 @@ <attribute name="address" required="false"> <p>For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified - port. By default, this port will be used on all IP addresses - associated with the server. A value of <code>127.0.0.1</code> - indicates that the Connector will only listen on the loopback - interface.</p> + port. By default, the loopback address will be used.</p> </attribute> <attribute name="bindOnInit" required="false">
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2