Subject: CVS commit: pkgsrc/www/apache-tomcat7
From: Ryo ONODERA
Date: 2016-05-01 02:41:29
Message id: 20160501004129.9EB9CFBBA@cvs.NetBSD.org

Log Message:
Update to 7.0.69

Changelog:
Tomcat 7.0.69 (violetagg)

    Catalina

        fix	Fix the type of InstanceManager attribute of mbean definition of \ 
StandardContext. (kfujino)
        add	58351: Make the server build date and server version number \ 
accessible via JMX. Patch provided by Huxing Zhang. (markt)
        fix	59001: Correctly handle the case when Tomcat is installed on a path \ 
where one of the segments ends in an exclamation mark. (markt)
        fix	Expand the fix for 59001 to cover the special sequences used in \ 
Tomcat's custom jar:war: URLs. (markt)
        fix	59043: Avoid warning while expiring sessions associated with a \ 
single sign on if HttpServletRequest.logout() is used. (markt)
        fix	59054: Ensure that using the CrawlerSessionManagerValve in a \ 
distributed environment does not trigger an error when the Valve registers \ 
itself in the session. (markt)
        add	Log a warning message if a user tries to configure the default \ 
session timeout via the deprecated (and ignored) \ 
Manager.setMaxInactiveInterval() method. (markt)
        fix	Correct a regression introduced in 7.0.68 where the deprecated \ 
Manager.getMaxInactiveInterval() method returned the current default session \ 
timeout in minutes rather than seconds. (markt)
        fix	When a Host is configured with an appBase that does not exist, \ 
create the appBase before trying to expand an external WAR file into it. (markt)
        fix	59115: When using the Servlet 3.0 file upload, the submitted file \ 
name may be provided as a token or a quoted-string. If a quoted-string, unquote \ 
the string before returning it to the user. (markt)
        fix	59123: Close NamingEnumeration objects used by the JNDIRealm once \ 
they are no longer required. (fschumacher/markt)
        fix	59138: Correct a false positive warning for ThreadLocal related \ 
memory leaks when the key class but not the value class has been loaded by the \ 
web application class loader. (markt)
        fix	59145: Don't log an invalid warning when a user logs out of a \ 
session associated with SSO. (markt)
        fix	59151: Fix a regression in the fix for 56917 that added additional \ 
(and arguably unnecessary) validation to the provided redirect location. (markt)
        fix	59206: Ensure NPE will not be thrown by \ 
o.a.tomcat.util.file.ConfigFileLoader when catalina.base is not specified. \ 
(violetagg)
        fix	59213: Async dispatches should be based off a wrapped request. (remm)
        fix	59217: Remove duplication in the recycling of the path in \ 
o.a.tomcat.util.http.ServerCookie. Patch is provided by Kyohei Nakamura. \ 
(violetagg)
        fix	Ensure that javax.servlet.ServletRequest and \ 
javax.servlet.ServletResponse provided during javax.servlet.AsyncListener \ 
registration are made available via javax.servlet.AsyncEvent.getSuppliedRequest \ 
and javax.servlet.AsyncEvent.getSuppliedResponse (violetagg)
        fix	Clarify the log message that specifying both urlPatterns and value \ 
attributes in WebServlet and WebFilter annotations is not allowed. (violetagg)
        fix	Ensure the exceptions caused by Valves will be available in the log \ 
files so that they can be evaluated when \ 
o.a.catalina.valves.ErrorReportValve.showReport is disabled. Patch is provided \ 
by Svetlin Zarev. (violetagg)
        fix	59247: Preload ResourceEntry as a workaround for security manager \ 
issues on some JVMs. (kkolinko/remm)
        fix	59269: Correct the implementation of PersistentManagerBase so that \ 
minIdleSwap functions as designed and sessions are swapped out to keep the \ 
active session count below maxActiveSessions. (markt)

Coyote

    fix	58646: Correct a problem with sendfile that resulted in a Processor \ 
being added to the cache twice leading to broken responses. (markt)
    fix	59015: Fix potential cause of endless APR Poller loop during shutdown if \ 
the Poller experiences an error during the shutdown process. (markt)
    fix	Limit the default TLS ciphers for JSSE (BIO, NIO) and OpenSSL (APR) to \ 
those currently considered secure. (markt)
    add	Add a new environment variable JSSE_OPTS that is intended to be used to \ 
pass JVM wide configuration to the JSSE implementation. The default value is \ 
-Djdk.tls.ephemeralDHKeySize=2048 which protects against weak Diffie-Hellman \ 
keys. (markt)

WebSocket

    fix	59014: Ensure that a WebSocket close message can be sent after a close \ 
message has been received. (markt)
    fix	Correctly handle compression of partial messages when the final message \ 
fragment has a zero length payload. (markt)
    add	Extend the WebSocket programmatic echo endpoint provided in the examples \ 
to handle binary messages and also partial messages. This aligns the code with \ 
Tomcat 8 and makes it easier to run the Autobahn testsuite against the WebSocket \ 
implementation. (markt)
    fix	59119: Correct read logic for WebSocket client when using secure \ 
connections. (markt)
    fix	59134: Correct client connect logic for secure connections made through \ 
a proxy. (markt)
    fix	59189: Explicitly release the native memory held by the Inflater and \ 
Deflater when using PerMessageDeflate and the WebSocket session ends. Based on a \ 
patch by Henrik Olsson. (markt)

Web Applications

    fix	Correct the description of the ServletRequest.getServerPort() in Proxy \ 
How-To. Issue reported via comments.apache.org. (violetagg)
    fix	Fix a potential indefinite wait in the Comet Chat servlet in the \ 
examples web application. (markt)
    fix	59229: Fix error in HTTP docs and make clear the the HTTP NIO connector \ 
uses non-blocking I/O to read the HTTP request headers. (markt)
    fix	Update in the documentation the link to the maven repository where \ 
Tomcat snapshot artifacts are deployed. (markt/violetagg)
    fix	Clarify in the documentation that calls to ServletContext.log(String, \ 
Throwable) or GenericServlet.log(String, Throwable) are logged at the SEVERE \ 
level. (violetagg)

Tribes

    fix	If promoting a proxy node to a primary node when getting a session, \ 
notify the change of the new primary node to the original backup node. (kfujino)
    fix	Avoid NPE when a proxy node failed to retrieve a backup entry. (kfujino)
    add	Add log of when received an unexpected messages. (kfujino)
    add	Add the flag indicating that member is a localMember. (kfujino)

Other

    fix	58283: Change the default download location for libraries during the \ 
build process from /usr/share/java to ${user.home}/tomcat-build-libs. Patch \ 
provided by Ahmed Hosni. (markt)
    fix	59031: When using the Windows uninstaller, do not remove the contents of \ 
any directories that have been symlinked into the Tomcat directory structure. \ 
(markt)
    update	Modify the default tomcat-users.xml file to make it harder for users \ 
to configure the entries intended for use with the examples web application for \ 
the Manager application. (markt)
    fix	59211: Add hamcrest to Eclipse classpath. Patch is provided by Huxing \ 
Zhang. (violetagg)
    update	59280: Update the NSIS Installer used to build the Windows Installers \ 
to version 2.51. (kkolinko)

Files:
RevisionActionfile
1.28modifypkgsrc/www/apache-tomcat7/Makefile
1.16modifypkgsrc/www/apache-tomcat7/PLIST
1.23modifypkgsrc/www/apache-tomcat7/distinfo