headers
mturk | 1 Apr 09:48
Picon
Favicon
Gravatar

svn commit: r524551 - /tomcat/connectors/trunk/jni/native/build/tcnative.m4

Author: mturk
Date: Sun Apr  1 00:48:26 2007
New Revision: 524551

URL: http://svn.apache.org/viewvc?view=rev&rev=524551
Log:
Use correct field notation.

Modified:
    tomcat/connectors/trunk/jni/native/build/tcnative.m4

Modified: tomcat/connectors/trunk/jni/native/build/tcnative.m4
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/build/tcnative.m4?view=diff&rev=524551&r1=524550&r2=524551
==============================================================================
--- tomcat/connectors/trunk/jni/native/build/tcnative.m4 (original)
+++ tomcat/connectors/trunk/jni/native/build/tcnative.m4 Sun Apr  1 00:48:26 2007
@@ -15,10 +15,10 @@
   fi
   sapr_version="`echo $sapr_pversion|sed -e 's/\([a-z]*\)$/.\1/'`"
   IFS=.; set $sapr_version; IFS=' '
-  if test "$1" -lt "1"; then
+  if test "${1}" -lt "1"; then
     AC_MSG_ERROR(You need APR version 1.2.1 or newer installed.)
   else
-    if test "$2" -lt "2"; then
+    if test "${2}" -lt "2"; then
       AC_MSG_ERROR(You need APR version 1.2.1 or newer installed.)
     fi
   fi
(Continue reading)

Permalink | Reply | 0 comments |
headers
mturk | 1 Apr 09:51
Picon
Favicon
Gravatar

svn commit: r524552 - /tomcat/connectors/trunk/jni/jnirelease.sh

Author: mturk
Date: Sun Apr  1 00:51:53 2007
New Revision: 524552

URL: http://svn.apache.org/viewvc?view=rev&rev=524552
Log:
Use correct location and version for jnirelease.sh

Modified:
    tomcat/connectors/trunk/jni/jnirelease.sh

Modified: tomcat/connectors/trunk/jni/jnirelease.sh
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/jnirelease.sh?view=diff&rev=524552&r1=524551&r2=524552
==============================================================================
--- tomcat/connectors/trunk/jni/jnirelease.sh (original)
+++ tomcat/connectors/trunk/jni/jnirelease.sh Sun Apr  1 00:51:53 2007
@@ -17,7 +17,7 @@
 #
 # Default place to look for apr source.  Can be overridden with 
 #   --with-apr=[directory]
-apr_src_dir=../apr
+apr_src_dir=`pwd`/srclib/apr-1.2.7

 while test $# -gt 0 
 do
@@ -51,8 +51,8 @@
 # Replace JKJNIEXT with branch/or tag
 # and JKJNIVER by the version like 1.1.0
 JKJNIEXT=trunk
-JKJNIVER=current
(Continue reading)

Permalink | Reply | 0 comments |
headers
mturk | 1 Apr 09:59
Picon
Favicon
Gravatar

svn commit: r524553 - /tomcat/connectors/trunk/jni/jnirelease.sh

Author: mturk
Date: Sun Apr  1 00:59:16 2007
New Revision: 524553

URL: http://svn.apache.org/viewvc?view=rev&rev=524553
Log:
Add valid SVN path for this release, so it can be tagged.

Modified:
    tomcat/connectors/trunk/jni/jnirelease.sh

Modified: tomcat/connectors/trunk/jni/jnirelease.sh
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/jnirelease.sh?view=diff&rev=524553&r1=524552&r2=524553
==============================================================================
--- tomcat/connectors/trunk/jni/jnirelease.sh (original)
+++ tomcat/connectors/trunk/jni/jnirelease.sh Sun Apr  1 00:59:16 2007
@@ -50,8 +50,9 @@

 # Replace JKJNIEXT with branch/or tag
 # and JKJNIVER by the version like 1.1.0
-JKJNIEXT=trunk
-# JKJNIVER=current
+# JKJNIEXT="trunk"
+# JKJNIVER="current"
+JKJNIEXT="tags/other/TOMCAT_NATIVE_1_1_9"
 JKJNIVER="1.1.9"
 SVNBASE=https://svn.apache.org/repos/asf/tomcat/connectors/
 JKJNIDIST=tomcat-connectors-${JKJNIVER}-src
Permalink | Reply | 0 comments |
headers
markt | 1 Apr 18:32
Picon
Favicon
Gravatar

svn commit: r524626 - in /tomcat/site/trunk: docs/security-3.html xdocs/security-3.xml

Author: markt
Date: Sun Apr  1 09:32:52 2007
New Revision: 524626

URL: http://svn.apache.org/viewvc?view=rev&rev=524626
Log:
More tomcat 3 issues.

Modified:
    tomcat/site/trunk/docs/security-3.html
    tomcat/site/trunk/xdocs/security-3.xml

Modified: tomcat/site/trunk/docs/security-3.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-3.html?view=diff&rev=524626&r1=524625&r2=524626
==============================================================================
--- tomcat/site/trunk/docs/security-3.html (original)
+++ tomcat/site/trunk/docs/security-3.html Sun Apr  1 09:32:52 2007
@@ -469,6 +469,52 @@
        attacks using specially crafted URLs.</p>

     <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1</p>
+
+    <p>
+<strong>moderate: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0590">
+       CVE-2001-0590</a>
+<br/>
+</p>
+
+    <p>A specially crafted URL can be used to obtain the source for JSPs.</p>
(Continue reading)

Permalink | Reply | 0 comments |
headers
markt | 1 Apr 19:18
Picon
Favicon
Gravatar

svn commit: r524636 - in /tomcat/site/trunk: docs/security-3.html xdocs/security-3.xml

Author: markt
Date: Sun Apr  1 10:18:07 2007
New Revision: 524636

URL: http://svn.apache.org/viewvc?view=rev&rev=524636
Log:
Better info on snoop servlet issues and change 3.3 to 3.3a

Modified:
    tomcat/site/trunk/docs/security-3.html
    tomcat/site/trunk/xdocs/security-3.xml

Modified: tomcat/site/trunk/docs/security-3.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-3.html?view=diff&rev=524636&r1=524635&r2=524636
==============================================================================
--- tomcat/site/trunk/docs/security-3.html (original)
+++ tomcat/site/trunk/docs/security-3.html Sun Apr  1 10:18:07 2007
@@ -233,19 +233,7 @@
        adequately firewalled to ensure it is not accessible to remote attackers.
        There are no plans to issue a an update to Tomcat 3.x for this issue.</p>

-    <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4, 3.3-3.3.2</p>
-
-    <p>
-<strong>low: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2006">
-       CVE-2002-2006</a>
-</p>
-
-    <p>The snoop servlet installed as part of the examples includes output that
(Continue reading)

Permalink | Reply | 0 comments |
headers
Rainer Jung | 1 Apr 19:35
Picon
Favicon

Re: svn commit: r521417 - /tomcat/connectors/trunk/jk/native/common/jk_util.c

Hi Mladen,

I checked out jk trunk today and built mod_jk on XP pro using Visual
Studio .net against httpd 2.0.59, 2.2.4 and 1.3.37. The build worked
without problems.

I then made a little test using LogLevel debug without rotatelogs, so
logging directly to file and the resulting log file contained unix line
endings!

More precisely: this happened for 2.0.59 and 2.2.4.

For 1.3.37, mod_jk opened the log file, but all log output went directly
to STDOUT or STDERR and produced error log lines like:

[Sun Apr 01 18:58:22 2007] [error] mod_jk: jk_log_to_file [Sun Apr 01
18:58:22 2007] [4132:4580] [debug] ajp_init::jk_ajp_common.c (2137):
buffer size:      0\n failed

Could you check trunk in your build env? I could provide you my build
results and I could also check yours against my Apache/Win.

The reason why I don't simply assume my build is borked, is that I saw
the same unix line endings in some environment running the official
build download (before I introduced the patch).

I think we don't use stdio. APR has apr_file_open() which uses
CreateFile() and apr_file_write() which goes back to WriteFile() on Windows.

Regards,
(Continue reading)

Permalink | Reply | 9 comments |
headers
markt | 1 Apr 19:45
Picon
Favicon
Gravatar

svn commit: r524646 - in /tomcat/site/trunk: docs/security-3.html xdocs/security-3.xml

Author: markt
Date: Sun Apr  1 10:45:10 2007
New Revision: 524646

URL: http://svn.apache.org/viewvc?view=rev&rev=524646
Log:
The last of the CVE entries.

Modified:
    tomcat/site/trunk/docs/security-3.html
    tomcat/site/trunk/xdocs/security-3.xml

Modified: tomcat/site/trunk/docs/security-3.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-3.html?view=diff&rev=524646&r1=524645&r2=524646
==============================================================================
--- tomcat/site/trunk/docs/security-3.html (original)
+++ tomcat/site/trunk/docs/security-3.html Sun Apr  1 10:45:10 2007
@@ -401,7 +401,7 @@
        identifies the Tomcat installation path. There are no plans to issue a an
        update to Tomcat 3.x for this issue.</p>

-    <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.4</p>
+    <p>Affects:3.1-3.1.1, 3.2-3.2.4</p>
   </blockquote>
 </p>
 </td>
@@ -482,6 +482,41 @@
     <p>A specially crafted URL can be used to obtain the source for JSPs.</p>

     <p>Affects: 3.0, 3.1-3.1.1, 3.2-3.2.1</p>
(Continue reading)

Permalink | Reply | 0 comments |
headers
mturk | 1 Apr 20:21
Picon
Favicon
Gravatar

svn commit: r524649 - in /tomcat/connectors/trunk/jni/native: Makefile.in build/tcnative.m4

Author: mturk
Date: Sun Apr  1 11:21:28 2007
New Revision: 524649

URL: http://svn.apache.org/viewvc?view=rev&rev=524649
Log:
Fix detection of OpenSSL without using obsolete AC functions.

Modified:
    tomcat/connectors/trunk/jni/native/Makefile.in
    tomcat/connectors/trunk/jni/native/build/tcnative.m4

Modified: tomcat/connectors/trunk/jni/native/Makefile.in
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/Makefile.in?view=diff&rev=524649&r1=524648&r2=524649
==============================================================================
--- tomcat/connectors/trunk/jni/native/Makefile.in (original)
+++ tomcat/connectors/trunk/jni/native/Makefile.in Sun Apr  1 11:21:28 2007
@@ -59,7 +59,7 @@
 	$(LIBTOOL) --mode=install $(INSTALL) -m 755 $(TARGET_LIB) $(DESTDIR)$(libdir)

 $(TARGET_LIB): $(OBJECTS)
-	$(LINK) @lib_target@ @TCNATIVE_LDFLAGS@ @TCNATIVE_LIBS@ @SSL_LIBS@
+	$(LINK) @lib_target@ @TCNATIVE_LDFLAGS@ @TCNATIVE_LIBS@

 check: $(TARGET_LIB)
 	(cd test && $(MAKE) check)

Modified: tomcat/connectors/trunk/jni/native/build/tcnative.m4
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/build/tcnative.m4?view=diff&rev=524649&r1=524648&r2=524649
==============================================================================
(Continue reading)

Permalink | Reply | 0 comments |
headers
mturk | 1 Apr 20:23
Picon
Favicon
Gravatar

svn commit: r524650 - /tomcat/connectors/trunk/jni/native/srclib/VERSIONS

Author: mturk
Date: Sun Apr  1 11:23:24 2007
New Revision: 524650

URL: http://svn.apache.org/viewvc?view=rev&rev=524650
Log:
Update to latest stable version for both dependent libraries.

Modified:
    tomcat/connectors/trunk/jni/native/srclib/VERSIONS

Modified: tomcat/connectors/trunk/jni/native/srclib/VERSIONS
URL: http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/srclib/VERSIONS?view=diff&rev=524650&r1=524649&r2=524650
==============================================================================
--- tomcat/connectors/trunk/jni/native/srclib/VERSIONS (original)
+++ tomcat/connectors/trunk/jni/native/srclib/VERSIONS Sun Apr  1 11:23:24 2007
@@ -1,4 +1,4 @@
 Use the following version of the libraries

-- APR 1.2.7, http://apr.apache.org
-- OpenSSL 0.9.8d, http://www.openssl.org
+- APR 1.2.8, http://apr.apache.org
+- OpenSSL 0.9.8e, http://www.openssl.org
Permalink | Reply | 0 comments |
headers
Mladen Turk | 1 Apr 20:27
Picon
Favicon
Gravatar

Re: svn commit: r521417 - /tomcat/connectors/trunk/jk/native/common/jk_util.c

Rainer Jung wrote:
> Hi Mladen,
> 
> I think we don't use stdio. APR has apr_file_open() which uses
> CreateFile() and apr_file_write() which goes back to WriteFile() on Windows.
>

We are using stdio for other web servers, so if you add CRLF then
the IIS will be broken. Perhaps opening the files as binary for
windows, and then forcing CRLF will do. However this would break
cygwin builds thought.

I'll check 1.3 tomorrow.

Regards,
Mladen.
Permalink | Reply | 7 comments |

Gmane