Also, work around a horrible interaction with the gzip in NetBSD
2.0 (at least RC4). If gzip is used in a pipeline the tarfile
fails to extract (PR bin/27228)
Changes since 5.0.27:
General
fix 30239: Updated IIS how-to to link to Wiki page with
instrutions for IIS 5 and IIS 6 configurations. (yoavs)
fix 30238: Replaced isapi_redirector.dll isapi_redirect.dll
in installation script for consistency. (yoavs)
fix 29584: Enhanced and clarified JNDI documentation.
(yoavs)
fix 30245: Corrected Connector documentation to list
"address" as a common attribute. (yoavs)
fix 29826: Modified setclasspath.bat exit code to 1.
(yoavs)
update Updated status page, mostly rewritten. (yoavs)
update Updated Jakarta-Commons dependencies: BeanUtils to 1.7.0,
Collections to 3.1. (yoavs)
update Removed classic compiler directives from Ant build, as we
use modern anyways. (yoavs)
update Modified RELEASE-PLAN-5.0.html to indicate status given
start of work on Tomcat 5.next. (yoavs)
update Added command lines utilities version.sh, version.bat to
let you know what version is installed. (funkman)
Catalina
30602: Subject is not available during the first call
fix to the servlet which use the basic authentication
(jfarcand)
fix 29831: Added support for Boolean property to
BeanFactory. (yoavs)
fix 28875: Made ErrorReportValve use UTF-8 encoding by
default. (yoavs)
fix 30325: Only set CATALINA_HOME if not already set (in
bin/catalina.sh). (yoavs)
fix 30144: Made SSIServlet check resource MimeType before
using text/html and UTF-8 default. (yoavs)
29406: Made JAASRealm configurable as to whether it
fix should use the context ClassLoader or the default
ClassLoader by adding a useContextClassLoader boolean
attribute. (yoavs)
If ServletResponse.getWriter() is called and no char
encoding has been specified, set response char encoding to
fix default (ISO-8859-1) so that it is reflected in
getContentType() and Content-Type header, as required by
the Servlet Spec (Bugtraq 6152759) (luehe)
fix 29869: Better JMX/JSR77 support in StandardContext and
StandardWrapper. (remm)
update Fixed broken link to JK documenration from AJP Connector
reference page. (yoavs)
fix 30587: Typo in ExtendedAccessLogValve. (yoavs)
fix 30561: Broken restart of NamingService. (yoavs)
fix 29668: NPE in HostConfig, directory created for
deployed WAR instead of xml file. (yoavs)
fix 30179: Improved Bootstrap catalina.properties
handling. (yoavs)
fix 30762: Servlet#destroy was called before
contextDestroyed. (yoavs)
fix 30650: Added explicit comments on session equals()
implementation. (yoavs)
Coyote
fix 30770: Check that the browser actually sent a user-agent
header before using it. (billbarker)
Default charset not included in Content-Type response header
fix if no char encoding was specified (see Bugtraq 6152759).
(luehe)
Jasper
fix 29971: Commented out page directive is parsed. (luehe)
fix 30067: 'Scripting elements are disallowed here' exception
behind scriptless tag. (luehe)
fix 30073: NPE when compiling .jspx with broken xml format in
jspcmode. (luehe)
fix 30291: Smap for a tag should not include its body.
(kinman)
fix 30289: Incorrect Smap for multiple line java expression.
(kinman)
Cluster
Webapps
fix 29779: Admin/Examples SetCharacterEncodingFilter wrong
package. (yoavs)
fix 30354: manager-howto.xml used wrong Ant task. (yoavs)
which installs to ${RCD_SCRIPTS_EXAMPLEDIR}. But the MESSAGE
referred to wrong hard-coded location if the RCD_SCRIPTS_EXAMPLEDIR
was not the default. So use RCD_SCRIPTS_EXAMPLEDIR instead.
PKGREVISION not bumped because if someone had changed
RCD_SCRIPTS_EXAMPLEDIR before recent change of autoregistration
of rc.d script in PLIST, then it could not have been packaged
in first place.
Note that this commit does not imply that the MESSAGE is correct.
In some cases, the MESSAGE is clearly wrong such as suggesting
running the rc.d script from the example directory (which will work
although).
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
for a possessive (like her, his, whose, their, and its).
Note that I didn't check for proper use of "its" (when it should
be "it is" or "it has" instead).
I also saw over 15 other grammar or punctuation problems, but not
fixed in this commit.
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
tomcat makes mistaken assumptions about which revisions of java some
features became available in, and to ensure that the package works with
both jdk-1.1 and later (emulated) jdks.
We are not advancing to the 3.3 or 4.0 branches at the moment, as neither
will work with our native JDK without a lot more work.
Changes since Tomcat 3.2.3 (the last pkgsrc version):
7.1 Fixes and Enhancements in Release 3.2.4
This section highlights the bugs fixed in this release.
- Cookie name expires is a reserved token (#1114)
- Thread initialization problem in thread pool (#1745)
- AJP12 returned invalid HTTP headers when redirecting to very
long URLS (#2333)
- Fixed casting problem in JspFactoryImpl.getPageContext(). (#4260)
- Setting sesstion-timeout in web.xml did not prevent sessions from
timing out. (#4412)
- Fixed race condition in ServerSocketFactory.getDefault(). (#4418)
- Removed the restrictions on encoded spcecial characters in URLs
that was added as a security precaution in 3.2.3. The encoded
special characters are not decoded and remain the URL and
path info returned to servlets.
- Jk_nt_service now supports the ability to be restarted automatically
by the Windows 2000 service control manager if Tomcat terminates
abnormally.
- Fixed invalid servlet mapping in web.xml generated by JspC (#3474, #3499)
- Added findResource() and findResources() to AdaptiveClassLoader12
- A Date: HTTP header is now sent in responses when running stand
alone. (#345)
- Simple held on to a reference to removed objects preventing
garbage collection.
- Tomcat 3.2.4 now ships with JAXP 1.1. Prior releases used
JAXP 1.0.1. Tomcat 3.2.4 remains completely compatible with
the older version of JAXP and there is no requirement for users
to upgrade to JAXP 1.1 unless their applications require the new
version.
- Fixed NullPointerException in HttpConnectionHandler. (#4577)
7.2 Security Vulnerabilities fixed in Tomcat 3.2.4
The randomness of generated session ids has been enhanced to prevent the
generation of guessable ids.
foo-* to foo-[0-9]*. This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also
change dependency examples in Packages.txt to reflect this.
