Log message:
Update to 7.0.35

Changelog:
Tomcat 7.0.35 (markt)

    Catalina
        fix	54247: Prevent ClassNotFoundExceptions on stop when running as a \ 
service. (markt)
        fix	54249: Ensure resource properties are available when the context \ 
path contains encoded characters such as a space. This triggered compilation \ 
issues in Jasper. Patch provided by Polina Genova. (markt)
        fix	54256: Improve error reporting when a JAR file fails extension \ 
validation by including the name of the JAR file in the exception. (markt)
        fix	Allow web applications to be stopped cleanly even if filters throw \ 
exceptions when their destroy() method is called. (markt/kkolinko)
        fix	Fix memory leak of servlet instances when running with a \ 
SecurityManager and either init() or destroy() methods fail or the servlet is a \ 
SingleThreadModel one. (kkolinko)
        code	Cleanup method cache lookup code in SecurityUtil class. (kkolinko)
        add	Make the Tomcat 7 non-JSR356 WebSocket implementation non-blocking \ 
(where supported by the connector) between the HTTP upgrade and the first \ 
WebSocket message from the client to the server. (markt)
        fix	54262: Ensure that an empty <absolute-ordering /> element in \ 
the main web.xml file disables scanning for web fragments. Based on a patch by \ 
Violeta Georgieva. (markt)
        fix	54284: As per clarification from the Servlet EG, anonymous Filters \ 
and Servlets are not permitted. Patch by Violeta Georgieva. (markt)
        fix	54371: Prevent exceptions when processing web fragments for \ 
unexpanded WAR files when the context path contains characters that need to be \ 
encoded in URLs such as spaces. Based on a patch by Polina Genova. (markt)
        add	54372: Make HTTP Digest authentication header parsing tolerant of \ 
invalid headers sent by known buggy clients. (markt)
        fix	54377: Correctly set request attributes for AccessLog in \ 
RemoteIpFilter. Patch by Violeta Georgieva. (markt)
        fix	54379: Implement support for post-construct and pre-destroy elements \ 
in web.xml. Patch by Violeta Georgieva. (markt)
        fix	54380: Do not try to register servlets or contexts into the mapper \ 
too early (which just caused a warning to be logged). (kkolinko)
        fix	Fix NPE in WebappLoader.stopInternal when stop is called after a \ 
failed start. (kkolinko)
        add	54381: Add support for receiving WebSocket pong messages. (markt)
        fix	54382: Fix NPE when SSI processing is enabled and an empty SSI \ 
directive is present. (markt)
        fix	Fix ArrayIndexOutOfBoundsException in HttpParser when parsing \ 
incorrect HTTP headers. (kkolinko)
        fix	54387: Deployment must fail when multiple servlets are mapped to the \ 
same url-pattern. (markt)
        fix	54391: Provide a value for the javax.servlet.context.orderedLibs \ 
attribute. (markt)

    Coyote
        fix	54248: Ensure that byte order marks are swallowed when using a \ 
Reader to read a request body with a BOM for those encodings that require byte \ 
order marks. (markt)
        fix	Fix release of processors in AjpNioProtocol. Wrong object was used \ 
as a key in the connections map. (kkolinko)

    Jasper
        add	54240: Add support for auto-detection and configuration of JARs on \ 
the classpath that provide tag plug-in implementations. Based on a patch by \ 
Sheldon Shao. (markt)
        fix	54241: Revert the fix for 35410 as it was not compliant with the JSP \ 
specification, specifically that <%= obj %> must be translated to \ 
out.print(obj) which in turn becomes out.write(String.valueOf(obj)). This will \ 
trigger a NullPointerException if obj.toString() returns null. The fix for 35410 \ 
incorrectly suppressed the NullPointerException in this case. (markt)
        fix	54242: Correct handle null iterations with in the JSTL ForEach tag \ 
plug-in implementation. Patch provided by Sheldon Shao. (markt)
        fix	54260: Avoid NullPointerException when using JSP unloading and tag \ 
files. (markt)
        fix	54370: Improve handling of nulls when trying to match sets of \ 
parameters to a method in EL. (markt)
        fix	54338: Correctly coerce the value to the expected type when using \ 
the tag plug-in for the JSTL set tag. Patch provided by Sheldon Shao. (markt)

    Web applications
        fix	54244: Clarify the documentation for the BIO and NIO SSL \ 
configuration attributes sslEnabledProtocols and sslProtocol within the \ 
documentation web application. (markt)
        add	Integrate documentation of Tomcat 7 with Apache Comments System. \ 
People can leave their comments when reading documentation online at the \ 
tomcat.apache.org site. (rjung)

    Other
        fix	54390: Use 'java_home' on Mac OS X to auto-detect JAVA_HOME. (schultz)

Log message:
Reset PKGREVISION.

Log message:
Update to 7.0.34

* CVE-2012-4431 is fixed in 7.0.32

Changelog:
Tomcat 7.0.34 (markt)	2012-12-12

    Catalina

        fix	53871: Improve error message if annotation scanning fails during web \ 
application start due to poor configuration or illegal cyclic inheritance with \ 
the application's classes. (markt)
        fix	Fix unit test for AccessLogValve when using non-GMT time zone. (rjung)
        fix	54170: Ensure correct registration of Filters and Servlets in the \ 
JMX registry if the Filter or Servlet name includes a character that must be \ 
quoted if used in an ObjectName value. (markt)
        add	Add new attribute renameOnRotate to the AccessLogValve. (rjung)
        fix	54190: Correct unit tests for BASIC authentication so that session \ 
timeout is correctly tested. Also refactor unit test to make it easier to add \ 
additional tests. Patch by Brian Burch. (markt)
        fix	54220: Ensure the ErrorReportValve only generates an error report if \ 
the error flag on the response has been set. (markt)
        fix	Simplify time zone handling in the access log valve and correctly \ 
handle various edge cases for non-standard DST changes. (markt)

    Web applications

        fix	54198: Clarify that HttpServletResponse.sendError(int) results in an \ 
HTML response by default. (markt)
        fix	54207: Correct JNDI factory package name in Javadoc for \ 
org.apache.naming.java.javaURLContextFactory. (markt)

    jdbc-pool

        code	Fix a handful of Eclipse warnings in the JDBC pool source code \ 
including the warnings reported in 53565. (markt)
        fix	54150: Make sure that SlowQueryReportJmx mbean deregistered during \ 
webapp shutdown. Reported by Alex Franken. (kfujino)
        fix	54194: Make sure that connection pool mbean is not registered when \ 
jmxEnabled is false. Patch provided by tobias.gierke. (kfujino)

    Other

        update	Update to Eclipse JDT Compiler 4.2.1. (markt)

Tomcat 7.0.33 (markt)	2012-11-21

    Catalina

        add	53960, 54115: Extensions to HttpClient test helper class. Patches by \ 
Brian Burch. (markt/kkolinko)
        fix	53993: Avoid a possible NPE in the AccessLogValve when the session \ 
ID is logged and a session is invalidated. (markt)
        fix	Add support for LAST_ACCESS_AT_START system property to \ 
PersistentManager. (kfujino)
        add	Update MIME type mapping with additional / updated mime.types from \ 
the Apache web server. (markt)
        fix	54007: Fix a memory leak that prevented deletion of a context.xml \ 
file associated with a Context that had failed to deploy. Also fix the problems \ 
uncovered with undeploying such a Context once the leak had been fixed and the \ 
file could be deleted. (markt)
        fix	54044: Correct bug in timestamp cache used by logging (including the \ 
access log valve) that meant entries could be made with an earlier timestamp \ 
than the true timestamp. (markt)
        fix	54054: Do not share shell environment variables between multiple \ 
instances of the CGI servlet. (markt)
        fix	54060: Use a simple parser rather than a regular expression to parse \ 
HTTP Digest authentication headers so the header is correctly parsed. The new \ 
approach is also faster and generates less garbage. (markt)
        fix	54068: Rewrite the web fragment ordering algorithm to resolve \ 
multiple issues that resulted in incorrect ordering or failure to find a \ 
correct, valid order. (markt)
        update	The HTTP header parser added to address 52811 has been removed \ 
and replaced with the light-weight HTTP header parser created to address 54060. \ 
The new parser includes a work-around for a bug in the Adobe Acrobat Reader 9.x \ 
plug-in for Microsoft Internet Explorer that was identified when the old parser \ 
was introduced (53814).
        fix	54076: Add an alternative work-around for clients that use SPNEGO \ 
authentication and expect the authenticated user to be cached per connection \ 
(Tomcat only does this if an HTTP session is available). (markt)
        fix	54087: Correctly handle (ignore) invalid If-Modified-Since header \ 
rather than throwing an exception. (markt)
        fix	54096: In web.xml, <env-entry> should accept any type that has \ 
a constructor that takes a single String or char. (markt)
        add	54127: Add support for sending a WebSocket Ping. Patch provided by \ 
Sean Winterberger. (markt)
        fix	In FormAuthenticator: If it is configured to change Session IDs, do \ 
the change before displaying the login form. (kkolinko)
        fix	Ensure AsyncListener.timeout() and AsyncListener.complete() are \ 
called with the correct thread context class loader. (fhanik)
        fix	54123: If an asynchronous request times out without any \ 
AsyncListeners defined, a 500 error will be triggered. (markt)
        fix	54124: Correct provided value of request attribute \ 
javax.servlet.async.request_uri and add missing request attribute \ 
javax.servlet.async.path_info. (markt)
        add	Add denyStatus initialization parameter to CsrfPreventionFilter, \ 
allowing to customize the HTTP status code used for denied requests. (kkolinko)
        fix	54141: Increase the permitted number of nested Realm levels from 2 \ 
to 3 by default and make the limit configurable via a system property. (markt)
        fix	Revert occasional API change in BaseDirContext class that was done \ 
in 7.0.32. Methods should not be final. (kkolinko)
        fix	Prevent failures in the AccessLogValve when running under a \ 
SecurityManager and the first request received is an asynchronous one. (markt)

    Coyote

        fix	Correct an issue that prevented WebSockets from being used over SSL \ 
when using the HTTP NIO connector. (markt)
        fix	54022: Ensure the Comet END event is triggered on client disconnect \ 
with APR/native on Windows Vista/2k8 or later. Patch provided by Douglas Beachy. \ 
(markt)
        fix	54067: Ensure responses with 1xx response codes are correctly marked \ 
as not containing an entity body. This caused an issue for some WebSocket \ 
clients when an Transfer-Encoding header was sent with the 101 (HTTP upgrade) \ 
response. (markt)

    Jasper

        code	53867: Optimise the XML escaping provided by the PageContext \ 
implementation. Based on a patch by Sheldon Shao. (markt)
        code	53896: Use an optimised CompositeELResolver for Jasper that skips \ 
resolvers that are known to be unable to resolve the value. Patch by Jarek \ 
Gawor. (markt)
        fix	53986: Correct a regression introduced by the fix for 53713. JSP \ 
comments that ended with the sequence ---%> (or any similar sequence with a \ 
odd number of - characters) was not correctly parsed. (markt)
        fix	54011: Fix a bug in the tag plug-in for <c:out> that triggered \ 
a JSP compilation error if the escapeXml attribute was used. Patch provided by \ 
Sheldon Shao. (markt)
        code	Follow up to 5401. Simplify generated code for <c:out>. Based \ 
on a patch by Sheldon Shao. (markt)
        fix	54012: Fix a bug in the tag plug-in infrastructure that meant the \ 
<c:set> triggered a JSP compilation error when used in a tag file. Based \ 
on a patch provided byx	54144: Fix a bug in the tag plug-in for <c:out> \ 
that meant that if the value of the tag evaluated to a java.io.Reader object \ 
then it was not correctly handled. (markt)

    Cluster

        fix	Add getSessionIdsFull operation to mbeans-descriptor. listSpplications

        add	54143: Add display of the memory pools usage (including PermGen) to \ 
the Status page of the Manager web application. (kkolinko)

    Tribes

        fix	54045: Make sure getMembers() returns available member when \ 
TcpFailureDetector   fix	Revert multiple operation support for the \ 
JMXProxyServlet pending further discussion. (schultz)
        fix	CVE-2012-4431: Fix bypass of CsrfPreventionFilter when there is no \ 
session. Improve session management in the filter. (kkolinko)

    Web apit servlets (JSP and default) are marked as override-able when using \ 
embedded mode. (markt)
        fix	When the DefaultServlet is under heavy load, the HTTP header parser \ 
added to address 52811 generates large amounts of garbage and uses significant \ 
CPU time. A cache has been added that significantly reduces the overhead of this \ 
parser. (markt)
        fix	53854: Make directory listings work correctly when aliases are used. \ 
(markt)

    Jasper

        code	53713: Performance improvement of up to four times faster parsing \ 
of JSP pages. Patch provided by Sheldon Shao. (markt)

    Cluster

        add	Make the cluster members and the cluster deployer associated with \ 
the cluster accessible via JMX. (markt)
        fix	Fix a behavior of TcpPingInterceptor#uhread. If set to false, ping \ 
thread is never started. (kfujino)

    Web applications

        add	Improve the documentation web application to clarify the difference \ 
between the tag and version parameters when using text interface of the Manager \ 
web application. (markt)
        add	Make sessions saved in the Store associated with a Manager that \ 
extends PersistentManager optionally visible (via the showProxySessions Servlet \ 
initialisation parameter in web.xml) to the Manager web application. (markt)

Log message:
Bump PKGREVISION.

Avoided hardcoded UID/GID using a simple post-install script.

Log message:
Update to 7.0.30

Changelog:
The Apache Tomcat Project is proud to announce the release of version 7.0.30
of Apache Tomcat. This release contains numerous bug fixes and improvements
compared to version 7.0.29. The notable changes include:

* Significantly reduced memory footprint during web application start while
  Servlet 3.0 annotation and SCI scanning is in progress.
* Adds support for scanning of classes that use Java 7 specific byte code
  for Servlet 3.0 annotation and SCI scanning.
* Improvements to DIGEST and FORM authentication.

Full details of these changes, and all the other changes, are available in the
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html .

Log message:
Bump PKGREVISION.

* Required java is 6 or later
* Remove unnecessary CLASSPATH definition in tomcat.sh
Thank you, tnozaki@.

Log message:
Updated www/apache-tomcat7 to 7.0.26

 Tomcat 7.0.26 (markt)
   Catalina
     code Provide constants for commonly used Charset objects
          and use these constants where appropriate. (markt)
          Refactor the fix for 52184 to correct two issues (a
     fix  missing class and incorrect class/method names) when
          using the extras logging packages. (markt)
          52444: Only load classes during HandlesTypes
     fix  processing if the class is a match. Previously,
          every class in the web application was loaded
          regardless of whether it was a match or not. (markt)
     fix  52488: Correct typo: exipre -> expire. (markt)
     add  Add a unit test for SSO authentication. Patch
          provided by Brian Burch. (markt)
          52511: Correct regression in the fix for 51741 that
     fix  caused a harmless exception to be logged when
          scanning for annotations and WEB-INF/classes did not
          exist. (markt)
     code Refactor to remove a circular dependency between
          org.apache.catalina and org.apache.naming. (markt)
          Remove some initialisation code from the standard
     code start process (i.e. via the scripts) that was
          intended for embedding but is not required when
          performing a standard start.(markt)
          Add new method to MBeanFactory that allows any Valve
     add  to be created and deprecate the methods to create
          specific Valves. (markt)
     add  Partial sync of MIME type mapping with mime.types
          from the Apache web server. (rjung)
          52577: Fix a regression in the fix for 52328.
     fix  Prevent output truncation when reset() is called on
          a response. (mark)
          52586: Remove an old and now unnecessary hack that
     fix  modified the path info reported via the
          javax.servlet.forward.path_info request attribute
          when forwarding to an error page. (markt)
          52587: Ensure that if it is necessary to fall back
     fix  to the default NullRealm, the NullRealm instance is
          created early enough for it to be correctly
          initialised. (markt)
     fix  Fix millisecond output in AccessLogValve when using
          a SimpleDateFormat based time pattern. (rjung)
          52591: When dumping MBean data, skip attributes
     fix  where getters throw UnsupportedOperationException.
          (markt)
          52607: Ensure that the extension validator checks
     fix  the JARs in the shared and common class loaders for
          extensions. (markt)
          Correct a threading issue in the generation of the
          list of standard authenticators during Context
     fix  initialization that could lead to a web application
          failing to start if Contexts were started in
          parallel. (markt)
          52669: Correct regression that broke annotation
          processing in /WEB-INF/classes for web applications
     fix  deployed as WARs, packageless classes and some
          embedding scenarios. The regression was introduced
          by the invalid assumptions made in the fix for
          51741. (markt)
     fix  52671: When dumping MBean data, skip attributes
          where getters throw NullPointerException. (markt)

 Javadocs
   Coyote
          51543: Provide a meaningful error message when
     add  writing more response headers than permitted.
          (markt)
          52547: Ensure that bytes written (which is used by
     fix  the access log) is correctly reset after an HTTP 1.0
          request has been processed. (markt)
     code Minor refactoring to reduce code duplication in the
          HTTP connectors. (markt)
          52606: Ensure that POST bodies are available for
     fix  reply after FORM authentication when using the AJP
          connectors. (markt)
 * Building
   Jasper
         52474: Ensure that leading and trailing white space
     fix is removed from listener class names when parsing TLD
         files. (markt)
         52480: When converting class path entries from URLs
         to files/directories, ensure that any URL encoded
     fix characters are converted. Fixes JSP compilation with
         javac when Tomcat is installed at a path that
         includes spaces. (markt)
     fix 52666: Correct coercion order in EL when processing
         the equality and inequality operators. (markt)

   Web applications
            Improve BUILDING.txt. Update instructions for
     update building. Add instructions for using Checkstyle
            and running the tests. (kkolinko)
            38216: Improve handling of null return values in
     add    the JMX proxy servlet which is part of the Manager
            application. (kkolinko)
            52515: Make it clear in the Realm how-to in the
     fix    documentation web application that digested
            password storage when using DIGEST authentication
            requires that MD5 digests are used. (markt)
     fix    52634: Fix typos in JSP examples. Patch provided
            by Felix Schumacher. (rjung)
     fix    52641: Remove mentioning of ldap.jar from docs.
            Patch provided by Felix Schumacher. (rjung)

   jdbc-pool
         Fix code style issues and enable Checkstyle checks
     fix for jdbc-pool when it is built within Tomcat.
         (kkolinko)
     fix 51582 Correct set and reset the query cache to avoid
         NPE (fhanik)

   Other
         Update Commons Daemon to 1.0.9 to resolve 52548 which
     fix meant that services created with service.bat did not
         set the catalina.home and catalina.base system
         properties. (markt)
         Implement check for correct end-of-line characters in
     add the source files. It is run as separate target in
         build.xml. (kkolinko)

Log message:
Update to 7.0.25

Changelog:
* Improvements.
* Bugfixes

Log message:
Set LICENSE.

Log message:
Import apache-tomcat-7.0.22 as www/apache-tomcat7

Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages
technologies. The Java Servlet and JavaServer Pages specifications are
developed under the Java Community Process.

Apache Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Apache Tomcat is intended to
be a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project.

Apache Tomcat powers numerous large-scale, mission-critical web applications
across a diverse range of industries and organizations.