summaryrefslogtreecommitdiff
path: root/www/jakarta-tomcat
AgeCommit message (Collapse)AuthorFilesLines
2004-01-20Move WRKSRC definition away from the first paragraph in a Makefile.agc1-2/+2
2003-12-04use RCD_SCRIPTS_SHELL.grant1-2/+2
2003-08-30"It's" stands for "it is" (or "it has"). The apostrophe is not usedreed1-1/+1
for a possessive (like her, his, whose, their, and its). Note that I didn't check for proper use of "its" (when it should be "it is" or "it has" instead). I also saw over 15 other grammar or punctuation problems, but not fixed in this commit.
2003-08-23Add pseudo-category 'java'.jschauma1-2/+2
2003-07-22Use OWN_DIRS instead of MAKE_DIRS, and use the right operator +=.jmmv1-4/+4
Fixes PR pkg/22039 by Todd Vierling.
2003-07-22COMMENT should start with a capital letter.martti1-2/+2
2003-07-17s/netbsd.org/NetBSD.org/grant1-2/+2
2003-06-03Change dependency of jakarta-ant into apache-ant, as it's now known.jschauma1-2/+2
All build fine with the new version of ant.
2003-03-29Place WRKSRC where it belongs, to make pkglint happy; ok'ed by wiz.jmmv1-3/+2
2003-01-28Instead of including bsd.pkg.install.mk directly in a package Makefile,jlam1-3/+3
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set to "YES". This enforces the requirement that bsd.pkg.install.mk be included at the end of a package Makefile. Idea suggested by Julio M. Merino Vidal <jmmv at menta.net>.
2002-12-28Use the JAVA_HOME of the JDK upon which the jakarta-tomcat package dependsjlam2-3/+5
as the default JAVA_HOME. It can still be overridden by an environment variable.
2002-12-28Convert to use buildlink2, bsd.pkg.install.mk, and java-vm.mk.jlam4-103/+33
2002-12-28Refer to www/ap-jk (distributed as part of Tomcat) instead of the olderjlam2-4/+3
www/ap-jserv.
2002-12-26Replace "/usr/pkg" with "%D".jlam1-5/+5
2002-10-10Use PKG_JAVA_HOME consistently instead of JAVA_HOME now that JAVA_HOME isjlam1-3/+2
no longer defined by bsd.pkg.mk.
2002-09-24Complete standardization of messages according to latest pkglint.wiz1-3/+3
2002-06-19since we need ant.jar at runtime, switch jakarta-ant from BUILD_DEPENDS to ↵abs1-2/+2
DEPENDS
2002-05-23Add a 'flush' option to the rc.d script. Bump version to jakarta-tomcat-3.2.4nb1abs2-3/+8
If you've used tomcat this probably comes under the category of bugfix :)
2002-05-20Add NetBSD tags.cjep3-0/+3
2002-05-17include crimson.jar and ant.jar in default CLASSPATHabs1-2/+2
2002-04-19Fix build in java2 case. This is somewhat of a kluge for the fact thatjwise2-3/+15
tomcat makes mistaken assumptions about which revisions of java some features became available in, and to ensure that the package works with both jdk-1.1 and later (emulated) jdks.
2002-04-19Update jakarta-servletapi, jakarta-tomcat, and ap-jk to version 3.2.4.jwise4-67/+62
We are not advancing to the 3.3 or 4.0 branches at the moment, as neither will work with our native JDK without a lot more work. Changes since Tomcat 3.2.3 (the last pkgsrc version): 7.1 Fixes and Enhancements in Release 3.2.4 This section highlights the bugs fixed in this release. - Cookie name expires is a reserved token (#1114) - Thread initialization problem in thread pool (#1745) - AJP12 returned invalid HTTP headers when redirecting to very long URLS (#2333) - Fixed casting problem in JspFactoryImpl.getPageContext(). (#4260) - Setting sesstion-timeout in web.xml did not prevent sessions from timing out. (#4412) - Fixed race condition in ServerSocketFactory.getDefault(). (#4418) - Removed the restrictions on encoded spcecial characters in URLs that was added as a security precaution in 3.2.3. The encoded special characters are not decoded and remain the URL and path info returned to servlets. - Jk_nt_service now supports the ability to be restarted automatically by the Windows 2000 service control manager if Tomcat terminates abnormally. - Fixed invalid servlet mapping in web.xml generated by JspC (#3474, #3499) - Added findResource() and findResources() to AdaptiveClassLoader12 - A Date: HTTP header is now sent in responses when running stand alone. (#345) - Simple held on to a reference to removed objects preventing garbage collection. - Tomcat 3.2.4 now ships with JAXP 1.1. Prior releases used JAXP 1.0.1. Tomcat 3.2.4 remains completely compatible with the older version of JAXP and there is no requirement for users to upgrade to JAXP 1.1 unless their applications require the new version. - Fixed NullPointerException in HttpConnectionHandler. (#4577) 7.2 Security Vulnerabilities fixed in Tomcat 3.2.4 The randomness of generated session ids has been enhanced to prevent the generation of guessable ids.
2002-04-09Quick fix for apache.org security advisory -- example webapps as presentjwise2-4/+7
have a cross-site scripting vulnerability. For now, we remove them, but we will update to a newer version when one is available.
2002-03-26Move MAKE_FLAGS= to after .include "../../mk/bsd.pkg.mk" to ensure it ↵abs1-2/+2
overrides any external settings
2002-03-2573 dork points and a swift beating about the head with a clue-by-four forabs1-3/+2
my previous change. When resetting any externally set MAKE_FLAGS, it makes sense to check if this Makefile is trying to set it itself...
2002-03-10If we're overriding MAKE_PROGRAM to ant we should probably reset MAKE_FLAGSabs1-1/+2
to avoid any 'make' MAKE_FLAGS confusing 'ant'.
2002-02-15mkdir -> ${MKDIR}skrll1-10/+10
rmdir -> ${RMDIR} rm -> ${RM} (${RM} added to PLIST_SUBST) chmod -> ${CHMOD} chown -> ${CHOWN}
2001-11-01Move pkg/ files into package's toplevel directoryzuntum5-4/+4
2001-09-27Mechanical changes to 375 files to change dependency patterns of the formjlam1-2/+2
foo-* to foo-[0-9]*. This is to cause the dependencies to match only the packages whose base package name is "foo", and not those named "foo-bar". A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net. Also change dependency examples in Packages.txt to reflect this.
2001-08-23Do not install a .orig file (also fixes binary package under Linux)abs2-4/+4
2001-08-11Update jakarta-{servletapi,tomcat} to version 3.2.3. The only real changejwise5-338/+411
is a fix to a security problem allowing unauthorized access to protected content.
2001-06-21Switch to a dynamic PLIST so we can install against jdk or sun-jdkabs5-53/+77
2001-05-24Obey rc.conf if present (modelled on apache rc.d file), plus allow entriesabs1-22/+60
to be prepended to CLASSPATH by setting optional tomcat_classpath
2001-05-21Add size.wiz1-1/+2
2001-04-17+ move the distfile digest/checksum value from files/md5 to distinfoagc2-4/+2
+ move the patch digest/checksum values from files/patch-sum to distinfo
2001-04-13Fix thinko in a message. Purely aesthetic.jwise1-2/+7
2001-04-05Make sure .orig files from patching don't get installed.jwise1-1/+3
2001-04-03RCS Id policewennmach3-3/+7
2001-04-02Add a `run' rc script command corresponding to the tomcat `run' startupjwise1-2/+2
directive -- run in the foreground for debugging purposes.
2001-03-29Ease out-of-the-box integration with mod_jk (pkgsrc/www/ap-jk):jwise4-3/+51
* include a workers.properties which works out of the box -- this file may be better off as part of the ap-jk package, even though it is somewhat tomcat-specific. I'll give this possibility more thought. * modify the apache config file fragment generator which runs on tomcat startup to generate an Include-able apache config file fragment which works out of the box to laod mod_jk.
2001-03-29Add `workers.properties' to config files which receive special treatment.jwise3-6/+11
2001-03-29New path on master site for tomcat. Yay.jwise1-2/+2
2001-03-28Fix pattern in jakarta-servletapi dependency.jwise1-2/+2
2001-03-28Add mandatory tomcat jar files at end of CLASSPATH, not front, so that theyjwise1-2/+2
don't override user-provided jar files. Needed for cocoon, which must find xerces as the first SAX implementation in it's class path.
2001-03-28Remove outdated note about ${JAVA_HOME} (if unset, it is set by thejwise1-3/+4
rc.d script), and add a note pointing users to the rc.d script.
2001-03-28Update jakarta-tomcat to version 3.2.1.jwise11-528/+631
Changes in the package since version 3.1.1 (the last pkgsrc version): ===================================================================== * tomcat is now always installed under ${PREFIX}/tomcat. Making ${TOMCAT_HOME} configurable added much complexity for not real gain. It had been my intention to aim for a hier(7) like install for tomcat with this version, but at this point there are way to many hard-coded relative paths (relative to tomcat.home) in tomcat, and in addition, all of the (quite good, really) documentation assumes the standard install paths. Note that the previous default value of ${TOMCAT_HOME} was ${PREFIX}/jakarta/tomcat. * an rc.subr compatible (but not requiring) startup script is now installed as ${PREFIX}/etc/rc.d/tomcat. * if Sun's JSSE (Java Secure Socket Extensions) is in ${CLASSPATH} when the pkg is built, tomcat will be built with support for SSL in the standalone server mode. This soft dependency will be replaced by a hard dependency as soon as I get a chance to import a JSSE package (soon). * likewise, I will import an ap-jk package for the new apache connector (mod_jk) soon. ap-jserv continues to be usable for this purpose. Changes in tomcat itself since version 3.1.1: ============================================= New in tomcat-3.2.1: -------------------- Tomcat 3.2.1 is a maintenance and bug fix release, based on the Tomcat 3.2 (final) code base. The following changes are included: - Disallowed requesting JSP pages under the WEB-INF directory (/WEB-INF/dummy.jsp). Previously, only requests for static files were being disallowed. - The JDBCRealm request interceptor will now log the description of any JDBC exception that occurs, to aid in debugging. SECURITY VULNERABILITIES FIXED IN TOMCAT 3.2.1 (note that these fixes were also made to the tomcat-3.1 branch in tomcat 3.1.1) Protection of Resources in /WEB-INF and /META-INF Directories The servlet specification prohibits servlet containers from serving resources in the /WEB-INF and /META-INF directories of a web application archive directly to clients. In Tomcat 3.2, this means that URLs like: http://localhost:8080/examples/WEB-INF/web.xml will return an error message, rather than the contents of your deployment descriptor. However, there is a vulnerability in Tomcat 3.2 that exposes this information if the client requests a URL like this instead: http://localhost:8080/examples//WEB-INF/web.xml (note the double slash before "WEB-INF"). This vulnerability has been corrected in Tomcat 3.2.1. Show Source Vulnerability The example application delivered with Tomcat 3.2 included a mechanism to display the source code for the JSP page examples. This mechanism could be used to bypass the restrictions on displaying sensitive information in the WEB-INF and META-INF directories. This vulnerability has been removed. New in tomcat-3.2: ------------------ Tomcat 3.2 is mainly a performance tune-up release, although a few new features have been added. - Support for mod_jk, which is a replacement to the elderly mod_jserv, has had several bugs fixed and has received much more testing. It is now recommended that all users use mod_jk instead of mod_jserv. - Support JAXP-based XML parser independence. - New and often requested "how-to" documents covering the following topics: - Configuring workers.properties - IIS and Netscape configuration - Running tomcat inside an IIS or Netscape process - Running Tomcat as a Windows NT service - Configuring a JDBC realm - Configuring mod_jk - First round of policy-based security support intended for running untrusted code inside of Tomcat. Interested users should test this support and post feedback to the Tomcat users mailing list. - SSL support for standalone Tomcat. (Preliminary support first appeared in 3.1, but the support in 3.2 has received more testing and documentation support). - Thread reuse is now enabled by default. The thread pool support code was part of 3.1, but not enabled since it was new. - Support for plug-able session managers. Unfortunately, no how-to documents that support this functionality exist (yet). For the adventurous, be aware that the interface that allows administrators to plug session managers is the normal Interceptor interface. - An almost total rewrite of the HTTP request handling now results in improved performance when running Tomcat stand-alone. - Significantly reduced garbage collection. - The code underwent a refactoring effort resulting in improved readability. - And of course, hundreds of miscellaneous improvements and fixes.
2001-03-06Some people might consider "@unexec rm -rf %D/jakarta/tomcat/webapps"abs1-3/+5
a little hostile to anyone who is actually using tomcat and would prefer to not have their apps nuked on package update. Tomcat wipes webapps/ROOT, webapps/examples, and webapps/test directories on install anyway, so replace the above with entries for those directories. This allows anyone using other directories in webapps to keep their apps on package update.
2001-02-28We want RCS Ids in the patches.wiz1-0/+1
This is one of the things pkglint checks, so _please_ use it.
2001-02-25Cleanup MKDIR usage => INSTALL_*_DIRhubertf1-2/+2
XXX need to teach pkglint to be more picky about this
2001-02-17Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.wiz2-2/+2