Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

141 lines (118 sloc) 6.192 kb
================================================================================
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================================================
$Id$
=================================
Apache Tomcat 6.0 Patch Proposals
=================================
RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT:
[ start all new proposals below, under PATCHES PROPOSED. ]
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
* Fix the maven stuff for the maven repo.
Before it does't find tomcat-juli.jar and the remoteRepository seems broken .
http://people.apache.org/~jfclere/patches/maven.patch
+1: jfclere
-1: fhanik - easier to pass in the root path (lib/bin) to the macro instead of hacking around it
if we remove the SCP auto feature, then there should be something to replace it with
(http://ant.apache.org/manual/OptionalTasks/scp.html)
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48545
Truststores don't have to have passwords
Based on a patch by 'smmwpf54'
http://svn.apache.org/viewvc?view=revision&revision=910266
+1: markt
-1: jfclere: Doc says it should use keystorePass (http://tomcat.apache.org/tomcat-6.0-doc/config/http.html).
so that would break existing configurations.
markt: It shouldn't break existing configs. JSSE allows trust stores to be
read without providing the password
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49030
Failure of one connector should not leave some connectors started and some
ignored
http://svn.apache.org/viewvc?rev=929521&view=rev
+1: markt
-1:
+0: kkolinko: good, but maybe we should also prevent against starting
those connectors, that failed to initialize, in StandardService#start()?
Also the message name (some generic name, "connector.failed"), vs.
message text ("starting"), vs. what actually happened (initialize()) -
I won't insist on fixing that inconsistency.
* Configure Tomcat to use HttpOnly for session cookies by default
http://people.apache.org/~kkolinko/patches/2010-04-21_tc6_context_httpOnly.patch
+1: kkolinko
-0: markt - There wasn't consensus previously.
- If you are going to change the default, do it in the code
-1:
* Backport a couple of loader fixes and enhancements:
Add property "searchExternalFirst" to WebappLoader:
If set, the external repositories will be searched before
the WEB-INF ones. Default (false) is unchanged behaviour.
Also expose the new property via JMX and document it.
http://svn.apache.org/viewvc?view=revision&revision=936823
http://people.apache.org/~rjung/patches/2010-05-14-loader-backport-r936823.patch
+1: rjung
-1: markt - The new block
if (hasExternalRepositories && searchExternalFirst) {...}
needs to silently swallow CNFE to have same behaviour as previous
code
Expose the new WebappLoader flag in the VirtualWebappLoader,
but allow alternative name searchVirtualFirst to make it
consistent with the "virtual" terminology.
Now you can decide, whether the virtual paths will
be searched before the webapp or after it.
If searched before, external resources take precendence
over internal ones. Before that change one couldn't overwrite
resources already present in the webapp.
http://svn.apache.org/viewvc?view=revision&revision=936825
http://people.apache.org/~rjung/patches/2010-05-14-loader-backport-r936825.patch
+1: rjung
-1:
Respect configurable search order in getURLs().
http://svn.apache.org/viewvc?view=revision&revision=936892
http://people.apache.org/~rjung/patches/2010-05-14-loader-backport-r936892.patch
+1: rjung
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49343
When ChannelException is thrown, remove listener from channel.
http://svn.apache.org/viewvc?view=revision&revision=948402
+1: kfujino, kkolinko
-1:
kkolinko:
Maybe "this.channel.removeChannelListener(this.rpcChannel);" call
has to be replaced with "this.rpcChannel.breakdown();"
Additional patch.
"this.channel.removeChannelListener(this.rpcChannel);" call is
replaced with "this.rpcChannel.breakdown();".
http://svn.apache.org/viewvc?view=revision&revision=950922
+1: kfujino, kkolinko
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49099
Provide a mechanism for including requests rejected by the CoyoteAdapter in
the standard access log
http://people.apache.org/~markt/patches/2010-07-07-bug49099.patch
This is a backport of: r950587, r950809, r951018, r951093, r951447,
r951892, r952295
+1: markt
-1:
kkolinko: 1) It would be nice to log requests using the timestamp when it was
received (like HTTPD 2.0+ does), not when it was processed. If that is to be
implemented, an additional parameter will be needed for the log() method in
the AccessLog interface. I suppose that might be "long t1, long t2" instead
of "long time".
2) I see no way to turn off this feature or filter the output.
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49424
Avoid NPE if client provides no data with a chunked POST request
http://svn.apache.org/viewvc?rev=953434&view=rev
+1: markt, kkolinko
-1:
Jump to Line
Something went wrong with that request. Please try again.