From f5590977b9f57de523a32214be3634deefad1f8d Mon Sep 17 00:00:00 2001 From: squallsama Date: Thu, 11 Jul 2013 12:31:04 +0300 Subject: [PATCH 01/79] update to 7.0.42 Conflicts: tomcat.spec --- sources | 3 ++- tomcat.spec | 7 +++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/sources b/sources index 20aa8e6..67edb0d 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ -158df72e6c046fa5d46a691a7c0805e6 apache-tomcat-7.0.40-src.tar.gz +5b7319630dbfe1803fc84bcb48fc551c apache-tomcat-7.0.42-src.tar.gz + diff --git a/tomcat.spec b/tomcat.spec index ddb2cab..158562f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 40 +%global micro_version 42 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -54,7 +54,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -677,6 +677,9 @@ fi %attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service %changelog +* Thu Jul 11 2013 Dmitry Tikhonov 0:7.0.42-1 +- Updated to 7.0.42 + * Sat May 11 2013 Ivan Afonichev 0:7.0.40-1 - Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link From a0886b4640794488b5190f8ef0b0d9c3a9b37029 Mon Sep 17 00:00:00 2001 From: Ivan Afonichev Date: Fri, 12 Jul 2013 02:09:26 +0400 Subject: [PATCH 02/79] Fix sources --- sources | 1 - 1 file changed, 1 deletion(-) diff --git a/sources b/sources index 67edb0d..c9c84cf 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ 5b7319630dbfe1803fc84bcb48fc551c apache-tomcat-7.0.42-src.tar.gz - From fb74d36077389c292aefd639824ed8dd748549a5 Mon Sep 17 00:00:00 2001 From: Ivan Afonichev Date: Mon, 4 Nov 2013 00:04:06 +0400 Subject: [PATCH 03/79] Updated to 7.0.47 Conflicts: tomcat.spec --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index c9c84cf..2bb650f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5b7319630dbfe1803fc84bcb48fc551c apache-tomcat-7.0.42-src.tar.gz +4ee89bfd85f6afb31c7675b05f0469cb apache-tomcat-7.0.47-src.tar.gz diff --git a/tomcat.spec b/tomcat.spec index 158562f..44882b6 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 42 +%global micro_version 47 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -677,6 +677,9 @@ fi %attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service %changelog +* Sun Nov 03 2013 Ivan Afonichev 0:7.0.47-1 +- Updated to 7.0.47 + * Thu Jul 11 2013 Dmitry Tikhonov 0:7.0.42-1 - Updated to 7.0.42 From 2a1fbf0f3d614b3fccb7d3596b73d1042a56d6a0 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Fri, 7 Feb 2014 16:55:17 +0400 Subject: [PATCH 04/79] Tomcat 7.0.33 for CentOS 6.x --- sources | 2 +- tomcat-7.0-jsvc.service | 19 --- tomcat-7.0-tomcat-jsvc-sysd | 113 ------------------ tomcat-7.0-tomcat-sysd | 79 ------------- tomcat-7.0.service | 23 ---- tomcat-7.0.wrapper | 9 +- tomcat.spec | 224 ++++++++++++------------------------ 7 files changed, 78 insertions(+), 391 deletions(-) delete mode 100644 tomcat-7.0-jsvc.service delete mode 100644 tomcat-7.0-tomcat-jsvc-sysd delete mode 100644 tomcat-7.0-tomcat-sysd delete mode 100644 tomcat-7.0.service diff --git a/sources b/sources index 2bb650f..b76a2e2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4ee89bfd85f6afb31c7675b05f0469cb apache-tomcat-7.0.47-src.tar.gz +1693d330f195366a6cd852bf3ce3eb95 apache-tomcat-7.0.33-src.tar.gz diff --git a/tomcat-7.0-jsvc.service b/tomcat-7.0-jsvc.service deleted file mode 100644 index 3792cef..0000000 --- a/tomcat-7.0-jsvc.service +++ /dev/null @@ -1,19 +0,0 @@ -# Systemd unit file for tomcat -# -# To create clones of this service: -# 1) By default SERVICE_NAME=tomcat. When cloned, the value must be defined -# before tomcat-sysd is called. -# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat -# to override tomcat defaults - -[Unit] -Description=Apache Tomcat Web Application Container JSVC wrapper -After=syslog.target network.target - -[Service] -Type=forking -ExecStart=/usr/sbin/tomcat-jsvc-sysd start -ExecStop=/usr/sbin/tomcat-jsvc-sysd stop - -[Install] -WantedBy=multi-user.target diff --git a/tomcat-7.0-tomcat-jsvc-sysd b/tomcat-7.0-tomcat-jsvc-sysd deleted file mode 100644 index 9134d5b..0000000 --- a/tomcat-7.0-tomcat-jsvc-sysd +++ /dev/null @@ -1,113 +0,0 @@ -#!/bin/bash -# -# This script provides systemd activation of the tomcat service -# To create clones of this service: -# 1) SERVICE_NAME must be defined before calling this script -# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat -# to override tomcat defaults - -# SERVICE_NAME is a required value only if the service name is -# different from 'tomcat' -# -NAME="${SERVICE_NAME:-tomcat}" - -#I'll bet this isn't required. -# unset ISBOOT - -# For SELinux we need to use 'runuser' not 'su' -if [ -x "/sbin/runuser" ]; then - SU="/sbin/runuser -s /bin/sh" -else - SU="/bin/su -s /bin/sh" -fi - -# Path to the tomcat launch script -TOMCAT_SCRIPT="/usr/sbin/tomcat-jsvc" - -# Define the tomcat username -TOMCAT_USER="${TOMCAT_USER:-tomcat}" - -# TOMCAT_LOG should be different from catalina.out. -# Usually the below config is all that is necessary -TOMCAT_LOG=/var/log/${NAME}/${NAME}-sysd.log - -# Get the tomcat config (use this for environment specific settings) -TOMCAT_CFG="/etc/tomcat/tomcat.conf" -if [ -r "$TOMCAT_CFG" ]; then - . $TOMCAT_CFG -fi - -# Get instance specific config file -if [ -r "/etc/sysconfig/${NAME}" ]; then - . /etc/sysconfig/${NAME} -fi - -function parseOptions() { - options="" - options="$options $( - awk '!/^#/ && !/^$/ { ORS=" "; print "export ", $0, ";" }' \ - $TOMCAT_CFG - )" - if [ -r "/etc/sysconfig/${NAME}" ]; then - options="$options $( - awk '!/^#/ && !/^$/ { ORS=" "; - print "export ", $0, ";" }' \ - /etc/sysconfig/${NAME} - )" - fi - TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}" -} - -# See how we were called. -function start() { - # fix permissions on the log and pid files - export CATALINA_PID="/var/run/${NAME}.pid" - touch $CATALINA_PID 2>&1 - if [ "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID - fi - - touch $TOMCAT_LOG 2>&1 - if [ "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG - fi - - # if jsvc installed and USE_JSVC=true - # then start as root and use jsvc to drop privileges - if [ -x /usr/bin/jsvc ]; then - TOMCAT_USER="root" - fi - - parseOptions - if [ "$SECURITY_MANAGER" = "true" ]; then - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start-security" >> $TOMCAT_LOG 2>&1 - else - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start" >> $TOMCAT_LOG 2>&1 - fi -} - -function stop() { - # if jsvc installed and USE_JSVC=true - # then start as root and use jsvc to drop privileges - if [ -x /usr/bin/jsvc ]; then - TOMCAT_USER="root" - fi - - parseOptions - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} stop" >> $TOMCAT_LOG 2>&1 -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; -esac - diff --git a/tomcat-7.0-tomcat-sysd b/tomcat-7.0-tomcat-sysd deleted file mode 100644 index 192329c..0000000 --- a/tomcat-7.0-tomcat-sysd +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# -# This script provides systemd activation of the tomcat service -# To create clones of this service: -# 1) SERVICE_NAME must be defined before calling this script -# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat -# to override tomcat defaults - -# SERVICE_NAME is a required value only if the service name is -# different from 'tomcat' -# -export NAME="${SERVICE_NAME:-tomcat}" - -#I'll bet this isn't required. -# unset ISBOOT - -# For SELinux we need to use 'runuser' not 'su' -if [ -x "/sbin/runuser" ]; then - SU="/sbin/runuser -s /bin/sh" -else - SU="/bin/su -s /bin/sh" -fi - -# Path to the tomcat launch script -TOMCAT_SCRIPT="/usr/sbin/tomcat" - -# Define the tomcat username -TOMCAT_USER="${TOMCAT_USER:-tomcat}" - -# TOMCAT_LOG should be different from catalina.out. -# Usually the below config is all that is necessary -TOMCAT_LOG=/var/log/${NAME}/${NAME}-sysd.log - -# Get the tomcat config (use this for environment specific settings) -TOMCAT_CFG="/etc/tomcat/tomcat.conf" -if [ -r "$TOMCAT_CFG" ]; then - . $TOMCAT_CFG -fi - -# Get instance specific config file -if [ -r "/etc/sysconfig/${NAME}" ]; then - . /etc/sysconfig/${NAME} -fi - -# See how we were called. -function start() { - # fix permissions on the log and pid files - export CATALINA_PID="/var/run/${NAME}.pid" - - touch $TOMCAT_LOG 2>&1 - if [ "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG - fi - - if [ "$SECURITY_MANAGER" = "true" ]; then - ${TOMCAT_SCRIPT} start-security >> $TOMCAT_LOG 2>&1 - else - ${TOMCAT_SCRIPT} start #>> $TOMCAT_LOG 2>&1 - fi -} - -function stop() { - ${TOMCAT_SCRIPT} stop >> $TOMCAT_LOG 2>&1 -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; -esac - diff --git a/tomcat-7.0.service b/tomcat-7.0.service deleted file mode 100644 index e2ab30c..0000000 --- a/tomcat-7.0.service +++ /dev/null @@ -1,23 +0,0 @@ -# Systemd unit file for tomcat -# -# To create clones of this service: -# 1) By default SERVICE_NAME=tomcat. When cloned, the value must be defined -# before tomcat-sysd is called. -# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat -# to override tomcat defaults - -[Unit] -Description=Apache Tomcat Web Application Container -After=syslog.target network.target - -[Service] -Type=forking -ExecStart=/usr/sbin/tomcat-sysd start -ExecStop=/usr/sbin/tomcat-sysd stop -SuccessExitStatus=143 -User=tomcat -Group=tomcat - - -[Install] -WantedBy=multi-user.target diff --git a/tomcat-7.0.wrapper b/tomcat-7.0.wrapper index 8d35a2f..820c622 100644 --- a/tomcat-7.0.wrapper +++ b/tomcat-7.0.wrapper @@ -22,16 +22,11 @@ if [ -r "/etc/sysconfig/${NAME}" ]; then fi set_javacmd -cd ${CATALINA_HOME} # CLASSPATH munging -if [ ! -z "$CLASSPATH" ] ; then - CLASSPATH="$CLASSPATH": -fi - if [ -n "$JSSE_HOME" ]; then - CLASSPATH="${CLASSPATH}$(build-classpath jcert jnet jsse 2>/dev/null):" + CLASSPATH="${CLASSPATH}:$(build-classpath jcert jnet jsse 2>/dev/null)" fi -CLASSPATH="${CLASSPATH}${CATALINA_HOME}/bin/bootstrap.jar" +CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar" CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar" CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)" diff --git a/tomcat.spec b/tomcat.spec index 44882b6..4d9efbe 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 47 +%global micro_version 33 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -49,7 +49,6 @@ %global tempdir %{cachedir}/temp %global workdir %{cachedir}/work %global _initrddir %{_sysconfdir}/init.d -%global _systemddir /lib/systemd/system Name: tomcat Epoch: 0 @@ -60,7 +59,7 @@ Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{js Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ -Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz +Source0: http://www.archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig @@ -71,17 +70,12 @@ Source7: %{name}-%{major_version}.%{minor_version}-tool-wrapper.script Source8: servlet-api-OSGi-MANIFEST.MF Source9: jsp-api-OSGi-MANIFEST.MF Source10: %{name}-%{major_version}.%{minor_version}-log4j.properties -Source11: %{name}-%{major_version}.%{minor_version}.service Source12: el-api-OSGi-MANIFEST.MF Source13: jasper-el-OSGi-MANIFEST.MF Source14: jasper-OSGi-MANIFEST.MF Source15: tomcat-api-OSGi-MANIFEST.MF Source16: tomcat-juli-OSGi-MANIFEST.MF -Source17: %{name}-%{major_version}.%{minor_version}-tomcat-sysd -Source18: %{name}-%{major_version}.%{minor_version}-tomcat-jsvc-sysd -Source19: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper -Source20: %{name}-%{major_version}.%{minor_version}-jsvc.service - +Source17: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch @@ -90,34 +84,32 @@ BuildArch: noarch BuildRequires: ant BuildRequires: ant-nodeps -BuildRequires: ecj >= 1:4.2.1 +BuildRequires: ant-trax +BuildRequires: ecj BuildRequires: findutils -BuildRequires: apache-commons-collections -BuildRequires: apache-commons-daemon -BuildRequires: apache-commons-dbcp -BuildRequires: apache-commons-pool +BuildRequires: jakarta-commons-collections +BuildRequires: jakarta-commons-daemon +BuildRequires: jakarta-commons-dbcp +BuildRequires: jakarta-commons-pool BuildRequires: jakarta-taglibs-standard BuildRequires: java-devel >= 1:1.6.0 BuildRequires: jpackage-utils >= 0:1.7.0 BuildRequires: junit BuildRequires: log4j -BuildRequires: geronimo-jaxrpc BuildRequires: wsdl4j -BuildRequires: systemd-units -Requires: apache-commons-daemon -Requires: apache-commons-logging -Requires: apache-commons-collections -Requires: apache-commons-dbcp -Requires: apache-commons-pool +Requires: jakarta-commons-daemon +Requires: jakarta-commons-logging +Requires: jakarta-commons-collections +Requires: jakarta-commons-dbcp +Requires: jakarta-commons-pool Requires: java >= 1:1.6.0 Requires: procps Requires: %{name}-lib = %{epoch}:%{version}-%{release} Requires(pre): shadow-utils Requires(post): chkconfig Requires(preun): chkconfig -Requires(post): systemd-units -Requires(preun): systemd-units -Requires(postun): systemd-units +Requires(post): redhat-lsb +Requires(preun): redhat-lsb %description Tomcat is the servlet container that is used in the official Reference @@ -153,21 +145,11 @@ Requires: jpackage-utils %description javadoc Javadoc generated documentation for Apache Tomcat. -%package systemv -Group: System Environment/Daemons -Summary: Systemv scripts for Apache Tomcat -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires(post): chkconfig -Requires(postun): chkconfig - -%description systemv -SystemV scripts to start and stop tomcat service - %package jsvc Group: System Environment/Daemons Summary: Apache jsvc wrapper for Apache Tomcat as separate service Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: apache-commons-daemon-jsvc +Requires: jakarta-commons-daemon-jsvc %description jsvc Systemd service and wrapper scripts to start tomcat with jsvc, @@ -193,10 +175,10 @@ Summary: Libraries needed to run the Tomcat Web container Requires: %{name}-jsp-%{jspspec}-api = %{epoch}:%{version}-%{release} Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release} Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release} -Requires: ecj >= 1:4.2.1 -Requires: apache-commons-collections -Requires: apache-commons-dbcp -Requires: apache-commons-pool +Requires: ecj +Requires: jakarta-commons-collections +Requires: jakarta-commons-dbcp +Requires: jakarta-commons-pool Requires(preun): coreutils %description lib @@ -246,9 +228,9 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar %build -export OPT_JAR_LIST="xalan-j2-serializer" +export OPT_JAR_LIST="ant/ant-trax xalan-j2-serializer" # we don't care about the tarballs and we're going to replace - # tomcat-dbcp.jar with apache-commons-{collections,dbcp,pool}-tomcat5.jar + # tomcat-dbcp.jar with jakarta-commons-{collections,dbcp,pool}-tomcat5.jar # so just create a dummy file for later removal touch HACK %{__mkdir_p} HACKDIR @@ -256,17 +238,17 @@ export OPT_JAR_LIST="xalan-j2-serializer" # who needs a build.properties file anyway %{ant} -Dbase.path="." \ -Dbuild.compiler="modern" \ - -Dcommons-collections.jar="$(build-classpath apache-commons-collections)" \ - -Dcommons-daemon.jar="$(build-classpath apache-commons-daemon)" \ + -Dcommons-collections.jar="$(build-classpath jakarta-commons-collections)" \ + -Dcommons-daemon.jar="$(build-classpath jakarta-commons-daemon)" \ -Dcommons-daemon.native.src.tgz="HACK" \ -Djasper-jdt.jar="$(build-classpath ecj)" \ -Djdt.jar="$(build-classpath ecj)" \ - -Dtomcat-dbcp.jar="$(build-classpath apache-commons-dbcp)" \ + -Dtomcat-dbcp.jar="$(build-classpath jakarta-commons-dbcp)" \ -Dtomcat-native.tar.gz="HACK" \ -Dtomcat-native.home="." \ -Dcommons-daemon.native.win.mgr.exe="HACK" \ -Dnsis.exe="HACK" \ - -Djaxrpc-lib.jar="$(build-classpath jaxrpc)" \ + -Djaxrpc-lib.jar="HACK" \ -Dwsdl4j-lib.jar="$(build-classpath wsdl4j)" \ -Dcommons-pool.home="HACKDIR" \ -Dcommons-dbcp.home="HACKDIR" \ @@ -278,7 +260,7 @@ export OPT_JAR_LIST="xalan-j2-serializer" # remove some jars that we'll replace with symlinks later %{__rm} output/build/bin/commons-daemon.jar \ output/build/lib/ecj.jar \ - output/build/lib/apache-commons-dbcp.jar + output/build/lib/jakarta-commons-dbcp.jar # remove the cruft we created %{__rm} output/build/bin/tomcat-native.tar.gz @@ -320,7 +302,6 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sbindir} %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_javadocdir}/%{name} %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_initrddir} -%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_systemddir} %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{appdir} @@ -336,7 +317,6 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{homedir} %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{tempdir} %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{workdir} -%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_unitdir} # move things into place # First copy supporting libs to tomcat lib @@ -348,7 +328,7 @@ pushd output/build %{__cp} -a webapps/* ${RPM_BUILD_ROOT}%{appdir} popd # javadoc -%{__cp} -a output/dist/webapps/docs/api/* ${RPM_BUILD_ROOT}%{_javadocdir}/%{name} +%{__cp} -a webapps/docs/api/* ${RPM_BUILD_ROOT}%{_javadocdir}/%{name} %{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \ -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \ @@ -362,16 +342,8 @@ popd ${RPM_BUILD_ROOT}%{_initrddir}/%{name} %{__install} -m 0644 %{SOURCE4} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name} -%{__install} -m 0644 %{SOURCE11} \ - ${RPM_BUILD_ROOT}%{_unitdir}/%{name}.service %{__install} -m 0644 %{SOURCE17} \ - ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-sysd -%{__install} -m 0644 %{SOURCE19} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc -%{__install} -m 0644 %{SOURCE20} \ - ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-jsvc.service -%{__install} -m 0644 %{SOURCE18} \ - ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc-sysd %{__ln_s} %{name} ${RPM_BUILD_ROOT}%{_sbindir}/d%{name} %{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \ > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} @@ -394,8 +366,8 @@ pushd ${RPM_BUILD_ROOT}%{_javadir} popd pushd output/build - %{_bindir}/build-jar-repository lib apache-commons-collections \ - apache-commons-dbcp apache-commons-pool ecj 2>&1 + %{_bindir}/build-jar-repository lib jakarta-commons-collections \ + jakarta-commons-dbcp jakarta-commons-pool ecj 2>&1 # need to use -p here with b-j-r otherwise the examples webapp fails to # load with a java.io.IOException %{_bindir}/build-jar-repository -p webapps/examples/WEB-INF/lib \ @@ -407,9 +379,8 @@ pushd ${RPM_BUILD_ROOT}%{libdir} %{__ln_s} ../%{name}-jsp-%{jspspec}-api.jar . %{__ln_s} ../%{name}-servlet-%{servletspec}-api.jar . %{__ln_s} ../%{name}-el-%{elspec}-api.jar . - %{__ln_s} $(build-classpath apache-commons-collections) commons-collections.jar - %{__ln_s} $(build-classpath apache-commons-dbcp) commons-dbcp.jar - %{__ln_s} $(build-classpath apache-commons-pool) commons-pool.jar + %{__ln_s} $(build-classpath jakarta-commons-collections) commons-collections.jar + %{__ln_s} $(build-classpath jakarta-commons-dbcp) commons-dbcp.jar %{__ln_s} $(build-classpath log4j) log4j.jar %{__ln_s} $(build-classpath ecj) jasper-jdt.jar @@ -446,49 +417,44 @@ pushd ${RPM_BUILD_ROOT}%{appdir}/examples/WEB-INF/lib %{__ln_s} -f $(build-classpath jakarta-taglibs-standard) standard.jar popd +%add_to_maven_depmap javax.servlet servlet-api %{servletspec} JPP %{name}-servlet-%{servletspec}-api +%add_to_maven_depmap org.mortbay.jetty servlet-api %{servletspec} JPP %{name}-servlet-%{servletspec}-api +mv %{buildroot}%{_mavendepmapfragdir}/%{name} %{buildroot}%{_mavendepmapfragdir}/%{name}-servlet-api + # Install the maven metadata %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_mavenpomdir} pushd output/dist/src/res/maven -for pom in *.pom; do - # fix-up version in all pom files - sed -i 's/@MAVEN.DEPLOY.VERSION@/%{version}/g' $pom -done -# we won't install dbcp, juli-adapters and juli-extras pom files -for libname in annotations-api catalina jasper-el jasper catalina-ha; do - %{__cp} -a %{name}-$libname.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-$libname.pom - %add_maven_depmap JPP.%{name}-$libname.pom %{name}/$libname.jar +#we won't install dhcp, juli-adapters and juli-extras pom files +for pom in tomcat-annotations-api.pom tomcat-catalina.pom tomcat-jasper-el.pom tomcat-jasper.pom \ + tomcat-catalina-ha.pom tomcat-api.pom; do + %{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.$pom + base=`basename $pom .pom` + %add_to_maven_depmap org.apache.tomcat $base %{version} JPP $base done # servlet-api jsp-api and el-api are not in tomcat subdir, since they are widely re-used elsewhere -%{__cp} -a tomcat-jsp-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-jsp-api.pom -%add_maven_depmap JPP-tomcat-jsp-api.pom tomcat-jsp-api.jar -f "tomcat-jsp-api" -a "javax.servlet.jsp:javax.servlet.jsp-api,javax.servlet:jsp-api,org.eclipse.jetty.orbit:javax.servlet.jsp" +for pom in tomcat-jsp-api.pom tomcat-servlet-api.pom tomcat-el-api.pom; do + %{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-$pom + base=`basename $pom .pom` + %add_to_maven_depmap org.apache.tomcat $base JPP %{name}-$base + %{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavendepmapfragdir}/$base +done -%{__cp} -a tomcat-el-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-el-api.pom -%add_maven_depmap JPP-tomcat-el-api.pom tomcat-el-api.jar -f "tomcat-el-api" -a "javax.el:javax.el-api,javax.el:el-api,org.eclipse.jetty.orbit:javax.el" - -%{__cp} -a tomcat-servlet-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-servlet-api.pom -# Generate a depmap fragment javax.servlet:servlet-api pointing to -# tomcat-servlet-3.0-api for backwards compatibility -# also provide jetty depmap (originally in jetty package, but it's cleaner to have it here -%add_maven_depmap JPP-tomcat-servlet-api.pom tomcat-servlet-api.jar -f "tomcat-servlet-api" -a "javax.servlet:servlet-api,javax.servlet:javax.servlet-api,org.mortbay.jetty:servlet-api,org.eclipse.jetty.orbit:javax.servlet" # two special pom where jar files have different names %{__cp} -a tomcat-tribes.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-catalina-tribes.pom -%add_maven_depmap JPP.%{name}-catalina-tribes.pom %{name}/catalina-tribes.jar +%add_to_maven_depmap org.apache.tomcat tribes %{version} JPP/%{name} catalina-tribes %{__cp} -a tomcat-coyote.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom -%add_maven_depmap JPP.%{name}-tomcat-coyote.pom %{name}/tomcat-coyote.jar +%add_to_maven_depmap org.apache.tomcat coyote %{version} JPP/%{name} tomcat-coyote %{__cp} -a tomcat-juli.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom -%add_maven_depmap JPP.%{name}-tomcat-juli.pom %{name}/tomcat-juli.jar - -%{__cp} -a tomcat-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom -%add_maven_depmap JPP.%{name}-tomcat-api.pom %{name}/tomcat-api.jar +%add_to_maven_depmap org.apache.tomcat juli %{version} JPP/%{name} tomcat-juli %{__cp} -a tomcat-util.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom -%add_maven_depmap JPP.%{name}-tomcat-util.pom %{name}/tomcat-util.jar +%add_to_maven_depmap org.apache.tomcat util %{version} JPP/%{name} tomcat-util # replace temporary copy with link %{__ln_s} -f %{bindir}/tomcat-juli.jar ${RPM_BUILD_ROOT}%{libdir}/ @@ -505,12 +471,7 @@ EOF %{_sbindir}/useradd -c "Apache Tomcat" -u %{tcuid} -g tomcat \ -s /bin/nologin -r -d %{homedir} tomcat 2>/dev/null || : -%post -# install but don't activate -%systemd_post %{name}.service - -%post systemv -# install but don't activate +%post /sbin/chkconfig --add %{name} %post jsp-%{jspspec}-api @@ -525,17 +486,13 @@ EOF %{_sbindir}/update-alternatives --install %{_javadir}/elspec.jar elspec \ %{_javadir}/%{name}-el-%{elspec}-api.jar 20300 -%preun systemv - %{_initrddir}/%{name} stop >/dev/null 2>&1 - /sbin/chkconfig --del %{name} %preun # clean tempdir and workdir on removal or upgrade -%{__rm} -rf %{workdir}/* %{tempdir}/* -%systemd_preun %{name}.service +%{_initrddir}/%{name} stop >/dev/null 2>&1 +/sbin/chkconfig --del %{name} -%postun -%systemd_postun_with_restart %{name}.service +%{__rm} -rf %{workdir}/* %{tempdir}/* %postun jsp-%{jspspec}-api if [ "$1" = "0" ]; then @@ -556,26 +513,22 @@ if [ "$1" = "0" ]; then fi %triggerun -- tomcat < 0:7.0.22-2 -/usr/bin/systemd-sysv-convert -- save tomcat > /dev/null 2>&1 || : -# Run these becasue the SysV package being removed won't do them /sbin/chkconfig --del tomcat > /dev/null 2>&1 || : -/bin/systemctl try-restart tomcat.service > /dev/null 2>&1 || : %files %defattr(0664,root,tomcat,0755) %doc {LICENSE,NOTICE,RELEASE*} %attr(0755,root,root) %{_bindir}/%{name}-digest %attr(0755,root,root) %{_bindir}/%{name}-tool-wrapper +%attr(0755,root,root) %{_sbindir}/d%{name} %attr(0755,root,root) %{_sbindir}/%{name} -%attr(0644,root,root) %{_unitdir}/%{name}.service -%attr(0755,root,root) %{_sbindir}/%{name}-sysd +%attr(0755,root,root) %{_initrddir}/%{name} %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} -%defattr(0664,tomcat,root,0770) -%attr(0770,tomcat,root) %dir %{logdir} %defattr(0664,root,tomcat,0770) +%attr(0770,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -621,7 +574,7 @@ fi %{_javadir}/%{name}-jsp-%{jspspec}*.jar %{_javadir}/%{name}-jsp-api.jar %{_mavenpomdir}/JPP-%{name}-jsp-api.pom -%{_mavendepmapfragdir}/%{name}-tomcat-jsp-api +%{_mavendepmapfragdir}/%{name}-jsp-api %files lib %defattr(-,root,root,-) @@ -634,7 +587,7 @@ fi %{_mavenpomdir}/JPP.%{name}-catalina.pom %{_mavenpomdir}/JPP.%{name}-jasper-el.pom %{_mavenpomdir}/JPP.%{name}-jasper.pom -%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom +%{_mavenpomdir}/JPP.%{name}-api.pom %{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom %{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom %{_mavenpomdir}/JPP.%{name}-tomcat-util.pom @@ -646,7 +599,7 @@ fi %doc LICENSE %{_javadir}/%{name}-servlet-%{servletspec}*.jar %{_javadir}/%{name}-servlet-api.jar -%{_mavendepmapfragdir}/%{name}-tomcat-servlet-api +%{_mavendepmapfragdir}/%{name}-servlet-api %{_mavenpomdir}/JPP-%{name}-servlet-api.pom %files el-%{elspec}-api @@ -656,7 +609,7 @@ fi %{_javadir}/%{name}-el-api.jar %{libdir}/%{name}-el-%{elspec}-api.jar %{_mavenpomdir}/JPP-%{name}-el-api.pom -%{_mavendepmapfragdir}/%{name}-tomcat-el-api +%{_mavendepmapfragdir}/%{name}-el-api %files webapps @@ -665,49 +618,22 @@ fi %{appdir}/examples %{appdir}/sample -%files systemv -%defattr(755,root,root,0755) -%{_sbindir}/d%{name} -%{_initrddir}/%{name} - %files jsvc %defattr(755,root,root,0755) %{_sbindir}/%{name}-jsvc -%{_sbindir}/%{name}-jsvc-sysd -%attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service %changelog -* Sun Nov 03 2013 Ivan Afonichev 0:7.0.47-1 -- Updated to 7.0.47 - -* Thu Jul 11 2013 Dmitry Tikhonov 0:7.0.42-1 -- Updated to 7.0.42 - -* Sat May 11 2013 Ivan Afonichev 0:7.0.40-1 -- Updated to 7.0.40 -- Resolves: rhbz 956569 added missing commons-pool link - -* Mon Mar 4 2013 Mikolaj Izdebski - 0:7.0.37-2 -- Add depmaps for org.eclipse.jetty.orbit -- Resolves: rhbz#917626 - -* Wed Feb 20 2013 Ivan Afonichev 0:7.0.39-1 -- Updated to 7.0.39 - -* Wed Feb 20 2013 Ivan Afonichev 0:7.0.37-1 -- Updated to 7.0.37 - -* Mon Feb 4 2013 Ivan Afonichev 0:7.0.35-1 -- Updated to 7.0.35 -- systemd SuccessExitStatus=143 for proper stop exit code processing - -* Mon Dec 24 2012 Ivan Afonichev 0:7.0.34-1 -- Updated to 7.0.34 -- ecj >= 4.2.1 now required -- Resolves: rhbz 889395 concat classpath correctly; chdir to $CATALINA_HOME - -* Fri Dec 7 2012 Ivan Afonichev 0:7.0.33-2 -- Resolves: rhbz 883806 refix logdir ownership +* Thu Feb 6 2014 Vlad Slepukhin 0.7.0.33-2 +- Rebuilded for CentOS 6.x compatibility +- Removed systemd for compatibility +- As no systemd used, systemv moved back to tomcat package +- Build now requires ant-trax for compatibility (XSLT and JavaDoc) +- Build now requires redhat-lsb for LSB libraries on CentOS +- Removed geronimo-jaxrpc as no package found in CentOS +- Renamed apache-* packages to jakarta-* ones for CentOS +- %add_maven_depmap replaced with %add_to_maven_depmap as no such Maven script exists in CentOS maven packages +- Refactored and cleaned, removing unused code +- Removed unused files needed for systemd * Sun Dec 2 2012 Ivan Afonichev 0:7.0.33-1 - Updated to 7.0.33 From 84f3874ac9f530503b97c385420b1bf085b05635 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Fri, 7 Feb 2014 17:29:13 +0400 Subject: [PATCH 05/79] Fixing SOURCE numeration --- tomcat.spec | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 4d9efbe..29971f5 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -70,12 +70,12 @@ Source7: %{name}-%{major_version}.%{minor_version}-tool-wrapper.script Source8: servlet-api-OSGi-MANIFEST.MF Source9: jsp-api-OSGi-MANIFEST.MF Source10: %{name}-%{major_version}.%{minor_version}-log4j.properties -Source12: el-api-OSGi-MANIFEST.MF -Source13: jasper-el-OSGi-MANIFEST.MF -Source14: jasper-OSGi-MANIFEST.MF -Source15: tomcat-api-OSGi-MANIFEST.MF -Source16: tomcat-juli-OSGi-MANIFEST.MF -Source17: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper +Source11: el-api-OSGi-MANIFEST.MF +Source12: jasper-el-OSGi-MANIFEST.MF +Source13: jasper-OSGi-MANIFEST.MF +Source14: tomcat-api-OSGi-MANIFEST.MF +Source15: tomcat-juli-OSGi-MANIFEST.MF +Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch @@ -280,19 +280,19 @@ zip -u output/build/lib/servlet-api.jar META-INF/MANIFEST.MF cp -p %{SOURCE9} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/lib/jsp-api.jar META-INF/MANIFEST.MF -cp -p %{SOURCE12} META-INF/MANIFEST.MF +cp -p %{SOURCE11} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/lib/el-api.jar META-INF/MANIFEST.MF -cp -p %{SOURCE13} META-INF/MANIFEST.MF +cp -p %{SOURCE12} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/lib/jasper-el.jar META-INF/MANIFEST.MF -cp -p %{SOURCE14} META-INF/MANIFEST.MF +cp -p %{SOURCE13} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/lib/jasper.jar META-INF/MANIFEST.MF -cp -p %{SOURCE15} META-INF/MANIFEST.MF +cp -p %{SOURCE14} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF -cp -p %{SOURCE16} META-INF/MANIFEST.MF +cp -p %{SOURCE15} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF @@ -342,7 +342,7 @@ popd ${RPM_BUILD_ROOT}%{_initrddir}/%{name} %{__install} -m 0644 %{SOURCE4} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name} -%{__install} -m 0644 %{SOURCE17} \ +%{__install} -m 0644 %{SOURCE16} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc %{__ln_s} %{name} ${RPM_BUILD_ROOT}%{_sbindir}/d%{name} %{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \ From c16cb96349cb69aa11647b67bdd0f8b60f75b864 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Mon, 10 Feb 2014 13:27:08 +0400 Subject: [PATCH 06/79] Some security fixes, systemd stuff removal and changelog update --- tomcat.spec | 44 ++++++++++++++++++++++++++++++++++++++------ 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 29971f5..f005b60 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -512,7 +512,6 @@ if [ "$1" = "0" ]; then %{_javadir}/%{name}-el-%{elspec}-api.jar fi -%triggerun -- tomcat < 0:7.0.22-2 /sbin/chkconfig --del tomcat > /dev/null 2>&1 || : %files @@ -528,7 +527,7 @@ fi %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} %defattr(0664,root,tomcat,0770) -%attr(0770,root,tomcat) %dir %{logdir} +%attr(0644,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -624,16 +623,49 @@ fi %changelog * Thu Feb 6 2014 Vlad Slepukhin 0.7.0.33-2 -- Rebuilded for CentOS 6.x compatibility +- Rebuilded for EL6 compatibility - Removed systemd for compatibility - As no systemd used, systemv moved back to tomcat package - Build now requires ant-trax for compatibility (XSLT and JavaDoc) - Build now requires redhat-lsb for LSB libraries on CentOS -- Removed geronimo-jaxrpc as no package found in CentOS -- Renamed apache-* packages to jakarta-* ones for CentOS -- %add_maven_depmap replaced with %add_to_maven_depmap as no such Maven script exists in CentOS maven packages +- Removed geronimo-jaxrpc as no package found in EL6 +- Renamed apache-* packages to jakarta-* ones for EL6 +- %add_maven_depmap replaced with %add_to_maven_depmap as no such Maven script exists in EL6 maven packages - Refactored and cleaned, removing unused code - Removed unused files needed for systemd +- Corrected access attributes and rights management for safety purposes + +* Sun Nov 03 2013 Ivan Afonichev 0:7.0.47-1 +- Updated to 7.0.47 + +* Thu Jul 11 2013 Dmitry Tikhonov 0:7.0.42-1 +- Updated to 7.0.42 + +* Sat May 11 2013 Ivan Afonichev 0:7.0.40-1 +- Updated to 7.0.40 +- Resolves: rhbz 956569 added missing commons-pool link + +* Mon Mar 4 2013 Mikolaj Izdebski - 0:7.0.37-2 +- Add depmaps for org.eclipse.jetty.orbit +- Resolves: rhbz#917626 + +* Wed Feb 20 2013 Ivan Afonichev 0:7.0.39-1 +- Updated to 7.0.39 + +* Wed Feb 20 2013 Ivan Afonichev 0:7.0.37-1 +- Updated to 7.0.37 + +* Mon Feb 4 2013 Ivan Afonichev 0:7.0.35-1 +- Updated to 7.0.35 +- systemd SuccessExitStatus=143 for proper stop exit code processing + +* Mon Dec 24 2012 Ivan Afonichev 0:7.0.34-1 +- Updated to 7.0.34 +- ecj >= 4.2.1 now required +- Resolves: rhbz 889395 concat classpath correctly; chdir to $CATALINA_HOME + +* Fri Dec 7 2012 Ivan Afonichev 0:7.0.33-2 +- Resolves: rhbz 883806 refix logdir ownership * Sun Dec 2 2012 Ivan Afonichev 0:7.0.33-1 - Updated to 7.0.33 From 181e718899eb268600f3b32f7bc9e5c33504f85a Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Tue, 11 Feb 2014 15:55:57 +0400 Subject: [PATCH 07/79] residual lines removal --- tomcat.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index f005b60..a731417 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -491,7 +491,6 @@ EOF # clean tempdir and workdir on removal or upgrade %{_initrddir}/%{name} stop >/dev/null 2>&1 /sbin/chkconfig --del %{name} - %{__rm} -rf %{workdir}/* %{tempdir}/* %postun jsp-%{jspspec}-api @@ -512,7 +511,6 @@ if [ "$1" = "0" ]; then %{_javadir}/%{name}-el-%{elspec}-api.jar fi -/sbin/chkconfig --del tomcat > /dev/null 2>&1 || : %files %defattr(0664,root,tomcat,0755) From 5e8d8f659912666c25692d10759290612908f1af Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Wed, 12 Feb 2014 07:32:16 +0300 Subject: [PATCH 08/79] minor versioning fixes --- tomcat.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index a731417..ca5bbd6 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -620,7 +620,7 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Thu Feb 6 2014 Vlad Slepukhin 0.7.0.33-2 +* Thu Feb 12 2014 Vlad Slepukhin 0.7.0.33-1 - Rebuilded for EL6 compatibility - Removed systemd for compatibility - As no systemd used, systemv moved back to tomcat package From 1054595cbff98cf1fdc52db676229370bb42625e Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Fri, 14 Feb 2014 08:38:11 +0300 Subject: [PATCH 09/79] Fixing typo in spec file --- tomcat.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index ca5bbd6..5ed29db 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -620,7 +620,7 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Thu Feb 12 2014 Vlad Slepukhin 0.7.0.33-1 +* Thu Feb 12 2014 Vlad Slepukhin 0:7.0.33-1 - Rebuilded for EL6 compatibility - Removed systemd for compatibility - As no systemd used, systemv moved back to tomcat package From be363bfbe6f56a7f53b4baadbcb70dc225bc47a4 Mon Sep 17 00:00:00 2001 From: Ivan Afonichev Date: Mon, 17 Feb 2014 23:36:40 +0400 Subject: [PATCH 10/79] F20 changes reverted --- sources | 2 +- tomcat-7.0-log4j.properties | 2 +- tomcat-7.0-tomcat-sysd | 79 +++++++++ tomcat-7.0.conf | 46 +++--- tomcat-7.0.init | 319 ++++++++++++++++++++++++++++++++++++ tomcat-7.0.service | 16 +- tomcat-7.0.sysconfig | 59 ++++++- tomcat-7.0.wrapper | 79 +++++++-- tomcat-named.service | 26 --- tomcat-preamble | 50 ------ tomcat-server | 24 --- tomcat.spec | 86 +++++----- 12 files changed, 590 insertions(+), 198 deletions(-) create mode 100644 tomcat-7.0-tomcat-sysd create mode 100644 tomcat-7.0.init delete mode 100644 tomcat-named.service delete mode 100644 tomcat-preamble delete mode 100644 tomcat-server diff --git a/sources b/sources index 2bb650f..20aa8e6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4ee89bfd85f6afb31c7675b05f0469cb apache-tomcat-7.0.47-src.tar.gz +158df72e6c046fa5d46a691a7c0805e6 apache-tomcat-7.0.40-src.tar.gz diff --git a/tomcat-7.0-log4j.properties b/tomcat-7.0-log4j.properties index dfc2309..1252a64 100644 --- a/tomcat-7.0-log4j.properties +++ b/tomcat-7.0-log4j.properties @@ -1,6 +1,6 @@ log4j.rootLogger=debug, R log4j.appender.R=org.apache.log4j.RollingFileAppender -log4j.appender.R.File=${catalina.base}/logs/tomcat.log +log4j.appender.R.File=${catalina.home}/logs/tomcat.log log4j.appender.R.MaxFileSize=10MB log4j.appender.R.MaxBackupIndex=10 log4j.appender.R.layout=org.apache.log4j.PatternLayout diff --git a/tomcat-7.0-tomcat-sysd b/tomcat-7.0-tomcat-sysd new file mode 100644 index 0000000..192329c --- /dev/null +++ b/tomcat-7.0-tomcat-sysd @@ -0,0 +1,79 @@ +#!/bin/bash +# +# This script provides systemd activation of the tomcat service +# To create clones of this service: +# 1) SERVICE_NAME must be defined before calling this script +# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat +# to override tomcat defaults + +# SERVICE_NAME is a required value only if the service name is +# different from 'tomcat' +# +export NAME="${SERVICE_NAME:-tomcat}" + +#I'll bet this isn't required. +# unset ISBOOT + +# For SELinux we need to use 'runuser' not 'su' +if [ -x "/sbin/runuser" ]; then + SU="/sbin/runuser -s /bin/sh" +else + SU="/bin/su -s /bin/sh" +fi + +# Path to the tomcat launch script +TOMCAT_SCRIPT="/usr/sbin/tomcat" + +# Define the tomcat username +TOMCAT_USER="${TOMCAT_USER:-tomcat}" + +# TOMCAT_LOG should be different from catalina.out. +# Usually the below config is all that is necessary +TOMCAT_LOG=/var/log/${NAME}/${NAME}-sysd.log + +# Get the tomcat config (use this for environment specific settings) +TOMCAT_CFG="/etc/tomcat/tomcat.conf" +if [ -r "$TOMCAT_CFG" ]; then + . $TOMCAT_CFG +fi + +# Get instance specific config file +if [ -r "/etc/sysconfig/${NAME}" ]; then + . /etc/sysconfig/${NAME} +fi + +# See how we were called. +function start() { + # fix permissions on the log and pid files + export CATALINA_PID="/var/run/${NAME}.pid" + + touch $TOMCAT_LOG 2>&1 + if [ "$?" -eq "0" ]; then + chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG + fi + + if [ "$SECURITY_MANAGER" = "true" ]; then + ${TOMCAT_SCRIPT} start-security >> $TOMCAT_LOG 2>&1 + else + ${TOMCAT_SCRIPT} start #>> $TOMCAT_LOG 2>&1 + fi +} + +function stop() { + ${TOMCAT_SCRIPT} stop >> $TOMCAT_LOG 2>&1 +} + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; +esac + diff --git a/tomcat-7.0.conf b/tomcat-7.0.conf index 03119b7..a500479 100644 --- a/tomcat-7.0.conf +++ b/tomcat-7.0.conf @@ -1,37 +1,30 @@ # System-wide configuration file for tomcat services -# This will be loaded by systemd as an environment file, -# so please keep the syntax. +# This will be sourced by tomcat and any secondary service +# Values will be overridden by service-specific configuration +# files in /etc/sysconfig # -# There are 2 "classes" of startup behavior in this package. -# The old one, the default service named tomcat.service. -# The new named instances are called tomcat@instance.service. +# Use this one to change default values for all services +# Change the service specific ones to affect only one service +# (see, for instance, /etc/sysconfig/tomcat) # -# Use this file to change default values for all services. -# Change the service specific ones to affect only one service. -# For tomcat.service it's /etc/sysconfig/tomcat, for -# tomcat@instance it's /etc/sysconfig/tomcat@instance. - -# This variable is used to figure out if config is loaded or not. -TOMCAT_CFG_LOADED="1" - -# In new-style instances, if CATALINA_BASE isn't specified, it will -# be constructed by joining TOMCATS_BASE and NAME. -TOMCATS_BASE="/var/lib/tomcats/" # Where your java installation lives JAVA_HOME="/usr/lib/jvm/jre" # Where your tomcat installation lives +CATALINA_BASE="@@@TCHOME@@@" CATALINA_HOME="@@@TCHOME@@@" - -# System-wide tmp -CATALINA_TMPDIR="/var/cache/tomcat/temp" +JASPER_HOME="@@@TCHOME@@@" +CATALINA_TMPDIR="@@@TCTEMP@@@" # You can pass some parameters to java here if you wish to #JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" # Use JAVA_OPTS to set java.library.path for libtcnative.so -#JAVA_OPTS="-Djava.library.path=/usr/lib" +#JAVA_OPTS="-Djava.library.path=@@@LIBDIR@@@" + +# What user should run tomcat +TOMCAT_USER="tomcat" # You can change your tomcat locale here #LANG="en_US" @@ -40,9 +33,18 @@ CATALINA_TMPDIR="/var/cache/tomcat/temp" SECURITY_MANAGER="false" # Time to wait in seconds, before killing process -# TODO(stingray): does nothing, fix. -# SHUTDOWN_WAIT="30" +SHUTDOWN_WAIT="30" + +# Whether to annoy the user with "attempting to shut down" messages or not +SHUTDOWN_VERBOSE="false" + +# Set the TOMCAT_PID location +CATALINA_PID="/var/run/tomcat.pid" + +# Connector port is 8080 for this tomcat instance +#CONNECTOR_PORT="8080" # If you wish to further customize your tomcat environment, # put your own definitions here # (i.e. LD_LIBRARY_PATH for some jdbc drivers) + diff --git a/tomcat-7.0.init b/tomcat-7.0.init new file mode 100644 index 0000000..f5269f5 --- /dev/null +++ b/tomcat-7.0.init @@ -0,0 +1,319 @@ +#!/bin/bash +# +# tomcat This shell script takes care of starting and stopping Tomcat +# +# chkconfig: - 80 20 +# +### BEGIN INIT INFO +# Provides: tomcat +# Required-Start: $network $syslog +# Required-Stop: $network $syslog +# Default-Start: +# Default-Stop: +# Description: Release implementation for Servlet 3.0 and JSP 2.2 +# Short-Description: start and stop tomcat +### END INIT INFO +# +# - originally written by Henri Gomez, Keith Irwin, and Nicolas Mailhot +# - heavily rewritten by Deepak Bhole and Jason Corley +# + +## Source function library. +#. /etc/rc.d/init.d/functions +# Source LSB function library. +if [ -r /lib/lsb/init-functions ]; then + . /lib/lsb/init-functions +else + exit 1 +fi + +DISTRIB_ID=`lsb_release -i -s 2>/dev/null` + +NAME="$(basename $0)" +unset ISBOOT +if [ "${NAME:0:1}" = "S" -o "${NAME:0:1}" = "K" ]; then + NAME="${NAME:3}" + ISBOOT="1" +fi + +# For SELinux we need to use 'runuser' not 'su' +if [ -x "/sbin/runuser" ]; then + SU="/sbin/runuser -s /bin/sh" +else + SU="/bin/su -s /bin/sh" +fi + +# Get the tomcat config (use this for environment specific settings) +TOMCAT_CFG="/etc/tomcat/tomcat.conf" +if [ -r "$TOMCAT_CFG" ]; then + . $TOMCAT_CFG +fi + +# Get instance specific config file +if [ -r "/etc/sysconfig/${NAME}" ]; then + . /etc/sysconfig/${NAME} +fi + +# Define which connector port to use +CONNECTOR_PORT="${CONNECTOR_PORT:-8080}" + +# Path to the tomcat launch script +TOMCAT_SCRIPT="/usr/sbin/tomcat" + +# Tomcat program name +TOMCAT_PROG="${NAME}" + +# Define the tomcat username +TOMCAT_USER="${TOMCAT_USER:-tomcat}" + +# Define the tomcat log file +TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}" + + +RETVAL="0" + +# Look for open ports, as the function name might imply +function findFreePorts() { + local isSet1="false" + local isSet2="false" + local isSet3="false" + local lower="8000" + randomPort1="0" + randomPort2="0" + randomPort3="0" + local -a listeners="( $( + netstat -ntl | \ + awk '/^tcp/ {gsub("(.)*:", "", $4); print $4}' + ) )" + while [ "$isSet1" = "false" ] || \ + [ "$isSet2" = "false" ] || \ + [ "$isSet3" = "false" ]; do + let port="${lower}+${RANDOM:0:4}" + if [ -z `expr " ${listeners[*]} " : ".*\( $port \).*"` ]; then + if [ "$isSet1" = "false" ]; then + export randomPort1="$port" + isSet1="true" + elif [ "$isSet2" = "false" ]; then + export randomPort2="$port" + isSet2="true" + elif [ "$isSet3" = "false" ]; then + export randomPort3="$port" + isSet3="true" + fi + fi + done +} + +function makeHomeDir() { + if [ ! -d "$CATALINA_HOME" ]; then + echo "$CATALINA_HOME does not exist, creating" + if [ ! -d "/usr/share/${NAME}" ]; then + mkdir /usr/share/${NAME} + cp -pLR /usr/share/tomcat/* /usr/share/${NAME} + fi + mkdir -p /var/log/${NAME} \ + /var/cache/${NAME} \ + /var/tmp/${NAME} + ln -fs /var/cache/${NAME} ${CATALINA_HOME}/work + ln -fs /var/tmp/${NAME} ${CATALINA_HOME}/temp + cp -pLR /usr/share/${NAME}/bin $CATALINA_HOME + cp -pLR /usr/share/${NAME}/conf $CATALINA_HOME + ln -fs /usr/share/java/tomcat ${CATALINA_HOME}/lib + ln -fs /usr/share/tomcat/webapps ${CATALINA_HOME}/webapps + chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/${NAME} + fi +} + +function parseOptions() { + options="" + options="$options $( + awk '!/^#/ && !/^$/ { ORS=" "; print "export ", $0, ";" }' \ + $TOMCAT_CFG + )" + if [ -r "/etc/sysconfig/${NAME}" ]; then + options="$options $( + awk '!/^#/ && !/^$/ { ORS=" "; + print "export ", $0, ";" }' \ + /etc/sysconfig/${NAME} + )" + fi + TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}" +} + +# See how we were called. +function start() { + + echo -n "Starting ${TOMCAT_PROG}: " + if [ "$RETVAL" != "0" ]; then + log_failure_msg + return + fi + if [ -f "/var/lock/subsys/${NAME}" ]; then + if [ -s "/var/run/${NAME}.pid" ]; then + read kpid < /var/run/${NAME}.pid +# if checkpid $kpid 2>&1; then + if [ -d "/proc/${kpid}" ]; then + log_success_msg + if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then + echo + fi + return 0 + fi + fi + fi + # fix permissions on the log and pid files + export CATALINA_PID="/var/run/${NAME}.pid" + touch $CATALINA_PID 2>&1 || RETVAL="4" + if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then + chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID + fi + [ "$RETVAL" -eq "0" ] && touch $TOMCAT_LOG 2>&1 || RETVAL="4" + if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then + chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG + fi + if [ "$CATALINA_HOME" != "/usr/share/tomcat" -a "$RETVAL" -eq "0" ]; then + # Create a tomcat directory if it doesn't exist + makeHomeDir + # If CATALINA_HOME doesn't exist modify port number so that + # multiple instances don't interfere with each other + findFreePorts + sed -i -e "s/8005/${randomPort1}/g" -e "s/8080/${CONNECTOR_PORT}/g" \ + -e "s/8009/${randomPort2}/g" -e "s/8443/${randomPort3}/g" \ + ${CATALINA_HOME}/conf/server.xml + fi + parseOptions + if [ "$RETVAL" -eq "0" -a "$SECURITY_MANAGER" = "true" ]; then + $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start-security" \ + >> ${TOMCAT_LOG} 2>&1 || RETVAL="4" + else + + [ "$RETVAL" -eq "0" ] && $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start" >> ${TOMCAT_LOG} 2>&1 || RETVAL="4" + fi + if [ "$RETVAL" -eq "0" ]; then + log_success_msg + touch /var/lock/subsys/${NAME} + else + log_failure_msg "Error code ${RETVAL}" + fi + if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then + echo + fi +} + +function stop() { + echo -n "Stopping ${TOMCAT_PROG}: " + if [ -f "/var/lock/subsys/${NAME}" ]; then + parseOptions + if [ "$RETVAL" -eq "0" ]; then + touch /var/lock/subsys/${NAME} 2>&1 || RETVAL="4" + [ "$RETVAL" -eq "0" ] && $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} stop" >> ${TOMCAT_LOG} 2>&1 || RETVAL="4" + fi + if [ "$RETVAL" -eq "0" ]; then + count="0" + if [ -s "/var/run/${NAME}.pid" ]; then + read kpid < /var/run/${NAME}.pid + until [ "$(ps --pid $kpid | grep -c $kpid)" -eq "0" ] || \ + [ "$count" -gt "$SHUTDOWN_WAIT" ]; do + if [ "$SHUTDOWN_VERBOSE" = "true" ]; then + echo "waiting for processes $kpid to exit" + fi + sleep 1 + let count="${count}+1" + done + if [ "$count" -gt "$SHUTDOWN_WAIT" ]; then + if [ "$SHUTDOWN_VERBOSE" = "true" ]; then + log_warning_msg "killing processes which did not stop after ${SHUTDOWN_WAIT} seconds" + fi + kill -9 $kpid + fi + log_success_msg + fi + rm -f /var/lock/subsys/${NAME} /var/run/${NAME}.pid + else + log_failure_msg + RETVAL="4" + fi + else + log_success_msg + RETVAL="0" + fi + if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then + echo + fi +} + +function usage() +{ + echo "Usage: $0 {start|stop|restart|condrestart|try-restart|reload|force-reload|status|version}" + RETVAL="2" +} + +# See how we were called. +RETVAL="0" +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + condrestart|try-restart) + if [ -s "/var/run/${NAME}.pid" ]; then + stop + start + fi + ;; + reload) + RETVAL="3" + ;; + force-reload) + if [ -s "/var/run/${NAME}.pid" ]; then + stop + start + fi + ;; + status) + if [ -s "/var/run/${NAME}.pid" ]; then + read kpid < /var/run/${NAME}.pid + if [ -d "/proc/${kpid}" ]; then + log_success_msg "${NAME} (pid ${kpid}) is running..." + RETVAL="0" + else +# The pid file exists but the process is not running + log_warning_msg "PID file exists, but process is not running" + RETVAL="1" + fi + else + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} java)" + if [ -z "$pid" ]; then +# status ${NAME} +# RETVAL="$?" + log_success_msg "${NAME} is stopped" + RETVAL="3" + else + log_success_msg "${NAME} (pid $pid) is running..." + RETVAL="0" + fi + fi + if [ -f /var/lock/subsys/${NAME} ]; then + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} java)" +# The lockfile exists but the process is not running + if [ -z "$pid" ]; then + log_failure_msg "${NAME} lockfile exists but process is not running" + RETVAL="2" + fi + fi + ;; + version) + ${TOMCAT_SCRIPT} version + ;; + *) + usage + ;; +esac + +exit $RETVAL diff --git a/tomcat-7.0.service b/tomcat-7.0.service index 103d464..e2ab30c 100644 --- a/tomcat-7.0.service +++ b/tomcat-7.0.service @@ -1,19 +1,19 @@ -# Systemd unit file for default tomcat +# Systemd unit file for tomcat # # To create clones of this service: -# DO NOTHING, use tomcat@.service instead. +# 1) By default SERVICE_NAME=tomcat. When cloned, the value must be defined +# before tomcat-sysd is called. +# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat +# to override tomcat defaults [Unit] Description=Apache Tomcat Web Application Container After=syslog.target network.target [Service] -Type=simple -EnvironmentFile=/etc/tomcat/tomcat.conf -Environment="NAME=" -EnvironmentFile=-/etc/sysconfig/tomcat -ExecStart=/usr/libexec/tomcat/server start -ExecStop=/usr/libexec/tomcat/server stop +Type=forking +ExecStart=/usr/sbin/tomcat-sysd start +ExecStop=/usr/sbin/tomcat-sysd stop SuccessExitStatus=143 User=tomcat Group=tomcat diff --git a/tomcat-7.0.sysconfig b/tomcat-7.0.sysconfig index 3117bf7..c1337e8 100644 --- a/tomcat-7.0.sysconfig +++ b/tomcat-7.0.sysconfig @@ -1,11 +1,56 @@ # Service-specific configuration file for tomcat. This will be sourced by -# systemd for the default service (tomcat.service) -# If you want to customize named instance, make a similar file -# and name it tomcat@instancename. +# the SysV init script after the global configuration file +# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in +# a per-service manner. +# +# NEVER change the init script itself. To change values for all services make +# your changes in /etc/tomcat/tomcat.conf +# +# To change values for a specific service make your edits here. +# To create a new service create a link from /etc/init.d/ to +# /etc/init.d/tomcat (do not copy the init script) and make a copy of the +# /etc/sysconfig/tomcat file to /etc/sysconfig/ and change +# the property values so the two services won't conflict. Register the new +# service in the system as usual (see chkconfig and similars). +# -# You will not need to set this, usually. For default service it equals -# CATALINA_HOME. For named service, it equals ${TOMCATS_BASE}${NAME} +# Where your java installation lives +#JAVA_HOME="/usr/lib/jvm/java" + +# Where your tomcat installation lives #CATALINA_BASE="@@@TCHOME@@@" +#CATALINA_HOME="@@@TCHOME@@@" +#JASPER_HOME="@@@TCHOME@@@" +#CATALINA_TMPDIR="@@@TCTEMP@@@" + +# You can pass some parameters to java here if you wish to +#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" + +# Use JAVA_OPTS to set java.library.path for libtcnative.so +#JAVA_OPTS="-Djava.library.path=@@@LIBDIR@@@" + +# What user should run tomcat +#TOMCAT_USER="tomcat" + +# You can change your tomcat locale here +#LANG="en_US" + +# Run tomcat under the Java Security Manager +#SECURITY_MANAGER="false" + +# Time to wait in seconds, before killing process +#SHUTDOWN_WAIT="30" + +# Whether to annoy the user with "attempting to shut down" messages or not +#SHUTDOWN_VERBOSE="false" + +# Set the TOMCAT_PID location +#CATALINA_PID="/var/run/tomcat.pid" + +# Connector port is 8080 for this tomcat instance +#CONNECTOR_PORT="8080" + +# If you wish to further customize your tomcat environment, +# put your own definitions here +# (i.e. LD_LIBRARY_PATH for some jdbc drivers) -# Please take a look at /etc/tomcat/tomcat.conf to have an idea what you -# can override. diff --git a/tomcat-7.0.wrapper b/tomcat-7.0.wrapper index c97cb85..8d35a2f 100644 --- a/tomcat-7.0.wrapper +++ b/tomcat-7.0.wrapper @@ -1,24 +1,83 @@ #!/bin/bash -if [ "$1" = "version" ]; then - . /usr/libexec/tomcat/preamble - exec ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \ - org.apache.catalina.util.ServerInfo +if [ -r /usr/share/java-utils/java-functions ]; then + . /usr/share/java-utils/java-functions +else + echo "Can't read Java functions library, aborting" + exit 1 fi -SRV="tomcat" -if [ -n "$2" ]; then - SRV="tomcat@$2" +# Get the tomcat config (use this for environment specific settings) +if [ -z "${TOMCAT_CFG}" ]; then + TOMCAT_CFG="/etc/tomcat/tomcat.conf" fi +if [ -r "$TOMCAT_CFG" ]; then + . $TOMCAT_CFG +fi + +# Get instance specific config file +if [ -r "/etc/sysconfig/${NAME}" ]; then + . /etc/sysconfig/${NAME} +fi + +set_javacmd +cd ${CATALINA_HOME} +# CLASSPATH munging +if [ ! -z "$CLASSPATH" ] ; then + CLASSPATH="$CLASSPATH": +fi + +if [ -n "$JSSE_HOME" ]; then + CLASSPATH="${CLASSPATH}$(build-classpath jcert jnet jsse 2>/dev/null):" +fi +CLASSPATH="${CLASSPATH}${CATALINA_HOME}/bin/bootstrap.jar" +CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar" +CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)" + if [ "$1" = "start" ]; then - systemctl start ${SRV}.service + ${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \ + -classpath "$CLASSPATH" \ + -Dcatalina.base="$CATALINA_BASE" \ + -Dcatalina.home="$CATALINA_HOME" \ + -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ + -Djava.io.tmpdir="$CATALINA_TMPDIR" \ + -Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \ + -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \ + org.apache.catalina.startup.Bootstrap start \ + >> ${CATALINA_BASE}/logs/catalina.out 2>&1 & + if [ ! -z "$CATALINA_PID" ]; then + echo $! > $CATALINA_PID + fi +elif [ "$1" = "start-security" ]; then + ${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \ + -classpath "$CLASSPATH" \ + -Dcatalina.base="$CATALINA_BASE" \ + -Dcatalina.home="$CATALINA_HOME" \ + -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ + -Djava.io.tmpdir="$CATALINA_TMPDIR" \ + -Djava.security.manager \ + -Djava.security.policy=="${CATALINA_BASE}/conf/catalina.policy" \ + -Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \ + -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \ + org.apache.catalina.startup.Bootstrap start \ + >> ${CATALINA_BASE}/logs/catalina.out 2>&1 & + if [ ! -z "$CATALINA_PID" ]; then + echo $! > $CATALINA_PID + fi elif [ "$1" = "stop" ]; then - systemctl stop ${SRV}.service + ${JAVACMD} $JAVA_OPTS \ + -classpath "$CLASSPATH" \ + -Dcatalina.base="$CATALINA_BASE" \ + -Dcatalina.home="$CATALINA_HOME" \ + -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ + -Djava.io.tmpdir="$CATALINA_TMPDIR" \ + org.apache.catalina.startup.Bootstrap stop \ + >> ${CATALINA_BASE}/logs/catalina.out 2>&1 elif [ "$1" = "version" ]; then ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \ org.apache.catalina.util.ServerInfo else - echo "Usage: $0 {start|stop|version} [server-id]" + echo "Usage: $0 {start|start-security|stop|version}" exit 1 fi diff --git a/tomcat-named.service b/tomcat-named.service deleted file mode 100644 index 9bbcb17..0000000 --- a/tomcat-named.service +++ /dev/null @@ -1,26 +0,0 @@ -# Systemd unit file for tomcat instances. -# -# To create clones of this service: -# 0. systemctl enable tomcat@name.service -# 1. create catalina.base directory structure in -# /var/lib/tomcats/name -# 2. profit. - -[Unit] -Description=Apache Tomcat Web Application Container -After=syslog.target network.target - -[Service] -Type=simple -EnvironmentFile=/etc/tomcat/tomcat.conf -Environment="NAME=%I" -EnvironmentFile=-/etc/sysconfig/tomcat@%I -ExecStart=/usr/libexec/tomcat/server start -ExecStop=/usr/libexec/tomcat/server stop -SuccessExitStatus=143 -User=tomcat -Group=tomcat - -[Install] -WantedBy=multi-user.target - diff --git a/tomcat-preamble b/tomcat-preamble deleted file mode 100644 index 9627522..0000000 --- a/tomcat-preamble +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash - -if [ -r /usr/share/java-utils/java-functions ]; then - . /usr/share/java-utils/java-functions -else - echo "Can't read Java functions library, aborting" - exit 1 -fi - -# Get the tomcat config (use this for environment specific settings) - -if [ -z "${TOMCAT_CFG_LOADED}" ]; then - if [ -z "${TOMCAT_CFG}" ]; then - TOMCAT_CFG="/etc/tomcat/tomcat.conf" - fi - . $TOMCAT_CFG -fi - -if [ -z "$CATALINA_BASE" ]; then - if [ -n "$NAME" ]; then - if [ -z "$TOMCATS_BASE" ]; then - TOMCATS_BASE="/var/lib/tomcats/" - fi - CATALINA_BASE="${TOMCATS_BASE}${NAME}" - else - CATALINA_BASE="${CATALINA_HOME}" - fi -fi - -VERBOSE=1 -set_javacmd -cd ${CATALINA_HOME} -# CLASSPATH munging -if [ ! -z "$CLASSPATH" ] ; then - CLASSPATH="$CLASSPATH": -fi - -if [ -n "$JSSE_HOME" ]; then - CLASSPATH="${CLASSPATH}$(build-classpath jcert jnet jsse 2>/dev/null):" -fi -CLASSPATH="${CLASSPATH}${CATALINA_HOME}/bin/bootstrap.jar" -CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar" -CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)" - -if [ -z "$LOGGING_PROPERTIES" ] ; then - LOGGING_PROPERTIES="${CATALINA_BASE}/conf/logging.properties" - if [ ! -f "${LOGGING_PROPERTIES}" ] ; then - LOGGING_PROPERTIES="${CATALINA_HOME}/conf/logging.properties" - fi -fi diff --git a/tomcat-server b/tomcat-server deleted file mode 100644 index bd55999..0000000 --- a/tomcat-server +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -. /usr/libexec/tomcat/preamble - -MAIN_CLASS=org.apache.catalina.startup.Bootstrap - -FLAGS="$JAVA_OPTS $CATALINA_OPTS" -OPTIONS="-Dcatalina.base=$CATALINA_BASE \ --Dcatalina.home=$CATALINA_HOME \ --Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \ --Djava.io.tmpdir=$CATALINA_TMPDIR \ --Djava.util.logging.config.file=${LOGGING_PROPERTIES} \ --Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager" - -if [ "$1" = "start" ] ; then - if [ "${SECURITY_MANAGER}" = "true" ] ; then - OPTIONS="${OPTIONS} \ - -Djava.security.manager \ - -Djava.security.policy==${CATALINA_BASE}/conf/catalina.policy" - fi - run start -elif [ "$1" = "stop" ] ; then - run stop -fi diff --git a/tomcat.spec b/tomcat.spec index fb9ef77..99d432d 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 47 +%global micro_version 40 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -54,7 +54,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 3%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -62,6 +62,7 @@ License: ASL 2.0 URL: http://tomcat.apache.org/ Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf +Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig Source4: %{name}-%{major_version}.%{minor_version}.wrapper Source5: %{name}-%{major_version}.%{minor_version}.logrotate @@ -76,12 +77,11 @@ Source13: jasper-el-OSGi-MANIFEST.MF Source14: jasper-OSGi-MANIFEST.MF Source15: tomcat-api-OSGi-MANIFEST.MF Source16: tomcat-juli-OSGi-MANIFEST.MF +Source17: %{name}-%{major_version}.%{minor_version}-tomcat-sysd Source18: %{name}-%{major_version}.%{minor_version}-tomcat-jsvc-sysd Source19: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Source20: %{name}-%{major_version}.%{minor_version}-jsvc.service -Source30: tomcat-preamble -Source31: tomcat-server -Source32: tomcat-named.service + Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch @@ -109,7 +109,6 @@ Requires: apache-commons-collections Requires: apache-commons-dbcp Requires: apache-commons-pool Requires: java >= 1:1.6.0 -Requires: jpackage-utils Requires: procps Requires: %{name}-lib = %{epoch}:%{version}-%{release} Requires(pre): shadow-utils @@ -153,6 +152,16 @@ Requires: jpackage-utils %description javadoc Javadoc generated documentation for Apache Tomcat. +%package systemv +Group: System Environment/Daemons +Summary: Systemv scripts for Apache Tomcat +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires(post): chkconfig +Requires(postun): chkconfig + +%description systemv +SystemV scripts to start and stop tomcat service + %package jsvc Group: System Environment/Daemons Summary: Apache jsvc wrapper for Apache Tomcat as separate service @@ -327,7 +336,6 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{tempdir} %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{workdir} %{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_unitdir} -%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_libexecdir}/%{name} # move things into place # First copy supporting libs to tomcat lib @@ -349,16 +357,21 @@ popd -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \ -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE3} \ > ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name} +%{__install} -m 0644 %{SOURCE2} \ + ${RPM_BUILD_ROOT}%{_initrddir}/%{name} %{__install} -m 0644 %{SOURCE4} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name} %{__install} -m 0644 %{SOURCE11} \ ${RPM_BUILD_ROOT}%{_unitdir}/%{name}.service +%{__install} -m 0644 %{SOURCE17} \ + ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-sysd %{__install} -m 0644 %{SOURCE19} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc %{__install} -m 0644 %{SOURCE20} \ ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-jsvc.service %{__install} -m 0644 %{SOURCE18} \ ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc-sysd +%{__ln_s} %{name} ${RPM_BUILD_ROOT}%{_sbindir}/d%{name} %{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \ > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} %{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \ @@ -369,14 +382,6 @@ popd -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \ -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE7} \ > ${RPM_BUILD_ROOT}%{_bindir}/%{name}-tool-wrapper - -%{__install} -m 0755 %{SOURCE30} \ - ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/preamble -%{__install} -m 0755 %{SOURCE31} \ - ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/server -%{__install} -m 0644 %{SOURCE32} \ - ${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service - # create jsp and servlet API symlinks pushd ${RPM_BUILD_ROOT}%{_javadir} %{__mv} %{name}/jsp-api.jar %{name}-jsp-%{jspspec}-api.jar @@ -468,9 +473,6 @@ done # also provide jetty depmap (originally in jetty package, but it's cleaner to have it here %add_maven_depmap JPP-tomcat-servlet-api.pom tomcat-servlet-api.jar -f "tomcat-servlet-api" -a "javax.servlet:servlet-api,javax.servlet:javax.servlet-api,org.mortbay.jetty:servlet-api,org.eclipse.jetty.orbit:javax.servlet" -# replace temporary copy with link -%{__ln_s} -f $(abs2rel %{bindir}/tomcat-juli.jar %{libdir}) ${RPM_BUILD_ROOT}%{libdir}/ - # two special pom where jar files have different names %{__cp} -a tomcat-tribes.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-catalina-tribes.pom %add_maven_depmap JPP.%{name}-catalina-tribes.pom %{name}/catalina-tribes.jar @@ -487,6 +489,9 @@ done %{__cp} -a tomcat-util.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom %add_maven_depmap JPP.%{name}-tomcat-util.pom %{name}/tomcat-util.jar +# replace temporary copy with link +%{__ln_s} -f %{bindir}/tomcat-juli.jar ${RPM_BUILD_ROOT}%{libdir}/ + mkdir -p ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d cat > ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d/%{name}.conf </dev/null 2>&1 + /sbin/chkconfig --del %{name} + %preun # clean tempdir and workdir on removal or upgrade %{__rm} -rf %{workdir}/* %{tempdir}/* @@ -554,10 +567,7 @@ fi %attr(0755,root,root) %{_bindir}/%{name}-tool-wrapper %attr(0755,root,root) %{_sbindir}/%{name} %attr(0644,root,root) %{_unitdir}/%{name}.service -%attr(0644,root,root) %{_unitdir}/%{name}@.service -%attr(0755,root,root) %dir %{_libexecdir}/%{name} -%attr(0755,root,root) %{_libexecdir}/%{name}/preamble -%attr(0755,root,root) %{_libexecdir}/%{name}/server +%attr(0755,root,root) %{_sbindir}/%{name}-sysd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} @@ -654,6 +664,11 @@ fi %{appdir}/examples %{appdir}/sample +%files systemv +%defattr(755,root,root,0755) +%{_sbindir}/d%{name} +%{_initrddir}/%{name} + %files jsvc %defattr(755,root,root,0755) %{_sbindir}/%{name}-jsvc @@ -661,33 +676,6 @@ fi %attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service %changelog -* Tue Jan 21 2014 Mikolaj Izdebski - 0:7.0.47-3 -- Fix installation of Maven metadata for tomcat-juli.jar -- Resolves: rhbz#1033664 - -* Wed Jan 15 2014 Stanislav Ochotnicky - 0:7.0.47-2 -- Rebuild for bug #1033664 - -* Sun Nov 03 2013 Ivan Afonichev 0:7.0.47-1 -- Updated to 7.0.47 -- Fix java.security.policy - -* Sun Aug 04 2013 Fedora Release Engineering - 0:7.0.42-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Fri Jul 12 2013 Ivan Afonichev 0:7.0.42-2 -- Remove jpackage-utils R - -* Thu Jul 11 2013 Dmitry Tikhonov 0:7.0.42-1 -- Updated to 7.0.42 - -* Tue Jun 11 2013 Paul Komkoff 0:7.0.40-3 -- Dropped systemv inits. Bye-bye. -- Updated the systemd wrappers to allow running multiple instances. - Added wrapper scripts to do that, ported the original non-named - service file to work with the same wrappers, updated - /usr/sbin/tomcat to call systemctl. - * Sat May 11 2013 Ivan Afonichev 0:7.0.40-1 - Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link From 2f93af69c5f97f768680121f41d4545ac9ffe2c6 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Tue, 18 Feb 2014 11:17:37 +0300 Subject: [PATCH 11/79] Typo in Source0 fixed --- tomcat.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index 5ed29db..dfadf41 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -59,7 +59,7 @@ Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{js Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ -Source0: http://www.archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz +Source0: http://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig From 0e914b1053935e8ba584779a4794d2de777e1dc1 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Thu, 20 Feb 2014 10:28:35 +0400 Subject: [PATCH 12/79] Typo in date fixed --- tomcat.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 2f23497..d065aa4 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -620,7 +620,7 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Thu Feb 12 2014 Vlad Slepukhin 0:7.0.33-1 +* Thu Feb 20 2014 Vlad Slepukhin 0:7.0.33-1 - Rebuilded for EL6 compatibility - Removed systemd for compatibility - As no systemd used, systemv moved back to tomcat package @@ -642,7 +642,6 @@ fi * Sat May 11 2013 Ivan Afonichev 0:7.0.40-1 - Updated to 7.0.40 - Resolves: rhbz 956569 added missing commons-pool link -- Remove ant-nodeps BR * Mon Mar 4 2013 Mikolaj Izdebski - 0:7.0.37-2 - Add depmaps for org.eclipse.jetty.orbit From c091d4485f96517fea2a51e73d97f02f662a434e Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Tue, 25 Feb 2014 10:45:01 +0400 Subject: [PATCH 13/79] added platform restriction due to obligatory java >=1.6 --- tomcat.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index d065aa4..0d5a52a 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -82,6 +82,8 @@ Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.pat BuildArch: noarch +ExclusiveArch: x86_64 i686 + BuildRequires: ant BuildRequires: ant-nodeps BuildRequires: ant-trax @@ -620,6 +622,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Mon Feb 24 2014 Vlad Slepukhin 0:7.0.33-2 +- Restrctied to x86_64 and i686 platforms as now requires java 1.6 or later for building and running + * Thu Feb 20 2014 Vlad Slepukhin 0:7.0.33-1 - Rebuilded for EL6 compatibility - Removed systemd for compatibility From a6c97575bfc1953214bb93d4e910583925e66e05 Mon Sep 17 00:00:00 2001 From: Vlad Slepukhin Date: Wed, 26 Feb 2014 14:24:03 +0400 Subject: [PATCH 14/79] changing ExclusiveArch to ExcludeArch because of bug --- tomcat.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 0d5a52a..2919271 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 3%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -82,7 +82,7 @@ Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.pat BuildArch: noarch -ExclusiveArch: x86_64 i686 +ExcludeArch: ppc64 BuildRequires: ant BuildRequires: ant-nodeps @@ -622,6 +622,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Feb 26 2014 Vlad Slepukhin 0:7.0.33-3 +- Changed ExclusiveArch to ExcludeArch due to bug appearing during build with this parameter + * Mon Feb 24 2014 Vlad Slepukhin 0:7.0.33-2 - Restrctied to x86_64 and i686 platforms as now requires java 1.6 or later for building and running From 9661f8da0d7e82b63ef65ebe467e0eb103ae624f Mon Sep 17 00:00:00 2001 From: Vlad Selpukhin Date: Thu, 1 May 2014 00:11:18 +0400 Subject: [PATCH 15/79] fixed bug 1080195 --- tomcat-7.0.wrapper | 5 ----- tomcat.spec | 8 ++++++-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/tomcat-7.0.wrapper b/tomcat-7.0.wrapper index 820c622..d6db6e8 100644 --- a/tomcat-7.0.wrapper +++ b/tomcat-7.0.wrapper @@ -16,11 +16,6 @@ if [ -r "$TOMCAT_CFG" ]; then . $TOMCAT_CFG fi -# Get instance specific config file -if [ -r "/etc/sysconfig/${NAME}" ]; then - . /etc/sysconfig/${NAME} -fi - set_javacmd # CLASSPATH munging if [ -n "$JSSE_HOME" ]; then diff --git a/tomcat.spec b/tomcat.spec index 2919271..67431be 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 3%{?dist} +Release: 4%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -527,7 +527,7 @@ fi %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} %defattr(0664,root,tomcat,0770) -%attr(0644,root,tomcat) %dir %{logdir} +%attr(0770,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -622,6 +622,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue Apr 29 2014 Vlad Slepukhin 0:7.0.33-4 +- Fixed bug not allowing Tomcat to start properly connected with access privleges to the logging directory +- Removed residual systemd configuration from the wrapper + * Wed Feb 26 2014 Vlad Slepukhin 0:7.0.33-3 - Changed ExclusiveArch to ExcludeArch due to bug appearing during build with this parameter From ae0ef248d658612c597f334b87e2130bb355d0c8 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 16 Nov 2015 09:10:29 -0500 Subject: [PATCH 16/79] Updated to 7.0.65 --- add_parent_logger_getter.patch | 29 ------- sources | 2 +- tomcat-7.0.57-CompilerOptionsV8.patch | 109 ++++++++++++++++++++++++++ tomcat.spec | 20 +++-- 4 files changed, 124 insertions(+), 36 deletions(-) delete mode 100644 add_parent_logger_getter.patch create mode 100644 tomcat-7.0.57-CompilerOptionsV8.patch diff --git a/add_parent_logger_getter.patch b/add_parent_logger_getter.patch deleted file mode 100644 index 40b9268..0000000 --- a/add_parent_logger_getter.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java.sav 2012-01-17 13:55:44.000000000 +0400 -+++ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java 2012-01-22 00:44:22.299789107 +0400 -@@ -19,9 +19,11 @@ package org.apache.tomcat.jdbc.pool; - import java.io.PrintWriter; - import java.sql.Connection; - import java.sql.SQLException; -+import java.sql.SQLFeatureNotSupportedException; - import java.util.Iterator; - import java.util.Properties; - import java.util.concurrent.Future; -+import java.util.logging.Logger; - - import javax.sql.XAConnection; - -@@ -534,6 +536,14 @@ public class DataSourceProxy implements - } - - /** -+ * no-op -+ * {@link javax.sql.DataSource#getParentLogger} -+ */ -+ public Logger getParentLogger() throws SQLFeatureNotSupportedException { -+ throw new SQLFeatureNotSupportedException(); -+ } -+ -+ /** - * no-op - * {@link javax.sql.DataSource#getLogWriter} - */ diff --git a/sources b/sources index b76a2e2..08fad59 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1693d330f195366a6cd852bf3ce3eb95 apache-tomcat-7.0.33-src.tar.gz +f26a57bbb9713c1a101e37243eaa2175 apache-tomcat-7.0.65-src.tar.gz diff --git a/tomcat-7.0.57-CompilerOptionsV8.patch b/tomcat-7.0.57-CompilerOptionsV8.patch new file mode 100644 index 0000000..baf9fce --- /dev/null +++ b/tomcat-7.0.57-CompilerOptionsV8.patch @@ -0,0 +1,109 @@ +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2014-11-18 14:29:02.146042000 -0500 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2014-11-18 14:31:41.851597000 -0500 +@@ -67,7 +67,6 @@ + /** + * Compile the servlet from .java file to .class file + */ +- @Override + protected void generateClass(String[] smap) + throws FileNotFoundException, JasperException, Exception { + +@@ -98,12 +97,10 @@ + this.sourceFile = sourceFile; + } + +- @Override + public char[] getFileName() { + return sourceFile.toCharArray(); + } + +- @Override + public char[] getContents() { + char[] result = null; + FileInputStream is = null; +@@ -145,7 +142,6 @@ + return result; + } + +- @Override + public char[] getMainTypeName() { + int dot = className.lastIndexOf('.'); + if (dot > 0) { +@@ -154,7 +150,6 @@ + return className.toCharArray(); + } + +- @Override + public char[][] getPackageName() { + StringTokenizer izer = + new StringTokenizer(className, "."); +@@ -166,7 +161,6 @@ + return result; + } + +- @Override + public boolean ignoreOptionalProblems() { + return false; + } +@@ -174,7 +168,6 @@ + + final INameEnvironment env = new INameEnvironment() { + +- @Override + public NameEnvironmentAnswer + findType(char[][] compoundTypeName) { + String result = ""; +@@ -187,7 +180,6 @@ + return findType(result); + } + +- @Override + public NameEnvironmentAnswer + findType(char[] typeName, + char[][] packageName) { +@@ -269,7 +261,6 @@ + } + } + +- @Override + public boolean isPackage(char[][] parentPackageName, + char[] packageName) { + String result = ""; +@@ -293,7 +284,6 @@ + return isPackage(result); + } + +- @Override + public void cleanup() { + } + +@@ -342,9 +332,6 @@ + } else if(opt.equals("1.7")) { + settings.put(CompilerOptions.OPTION_Source, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_Source, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown source VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_Source, +@@ -386,11 +373,6 @@ + CompilerOptions.VERSION_1_7); + settings.put(CompilerOptions.OPTION_Compliance, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- CompilerOptions.VERSION_1_8); +- settings.put(CompilerOptions.OPTION_Compliance, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown target VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_TargetPlatform, +@@ -408,7 +390,6 @@ + new DefaultProblemFactory(Locale.getDefault()); + + final ICompilerRequestor requestor = new ICompilerRequestor() { +- @Override + public void acceptResult(CompilationResult result) { + try { + if (result.hasProblems()) { diff --git a/tomcat.spec b/tomcat.spec index 67431be..999eeda 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 33 +%global micro_version 65 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,13 +53,13 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 4%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ -Source0: http://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz +Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig @@ -79,11 +79,11 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch +# Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 +Patch2: %{name}-7.0.57-CompilerOptionsV8.patch BuildArch: noarch -ExcludeArch: ppc64 - BuildRequires: ant BuildRequires: ant-nodeps BuildRequires: ant-trax @@ -164,6 +164,7 @@ Summary: Apache Tomcat JSP API implementation classes Provides: jsp = %{jspspec} Provides: jsp22 Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release} +Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release} Requires(post): chkconfig Requires(postun): chkconfig @@ -226,6 +227,8 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch0 -p0 %patch1 -p0 +%patch2 -p0 + %{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar @@ -257,6 +260,7 @@ export OPT_JAR_LIST="ant/ant-trax xalan-j2-serializer" -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ + -Djava.7.home=%{java_home} \ deploy dist-prepare dist-source javadoc # remove some jars that we'll replace with symlinks later @@ -526,8 +530,9 @@ fi %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} +%defattr(0664,tomcat,root,0770) +%attr(0770,tomcat,root) %dir %{logdir} %defattr(0664,root,tomcat,0770) -%attr(0770,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -622,6 +627,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 +- Updated to 7.0.65 + * Tue Apr 29 2014 Vlad Slepukhin 0:7.0.33-4 - Fixed bug not allowing Tomcat to start properly connected with access privleges to the logging directory - Removed residual systemd configuration from the wrapper From 5eb026baf5d8ecc03e22a41dc6c364319df61be6 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 16 Nov 2015 09:10:29 -0500 Subject: [PATCH 17/79] Updated to 7.0.65 --- add_parent_logger_getter.patch | 29 ------- sources | 2 +- tomcat-7.0.57-CompilerOptionsV8.patch | 109 ++++++++++++++++++++++++++ tomcat-7.0.65-build.patch | 53 +++++++++++++ tomcat.spec | 25 ++++-- 5 files changed, 181 insertions(+), 37 deletions(-) delete mode 100644 add_parent_logger_getter.patch create mode 100644 tomcat-7.0.57-CompilerOptionsV8.patch create mode 100644 tomcat-7.0.65-build.patch diff --git a/add_parent_logger_getter.patch b/add_parent_logger_getter.patch deleted file mode 100644 index 40b9268..0000000 --- a/add_parent_logger_getter.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java.sav 2012-01-17 13:55:44.000000000 +0400 -+++ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java 2012-01-22 00:44:22.299789107 +0400 -@@ -19,9 +19,11 @@ package org.apache.tomcat.jdbc.pool; - import java.io.PrintWriter; - import java.sql.Connection; - import java.sql.SQLException; -+import java.sql.SQLFeatureNotSupportedException; - import java.util.Iterator; - import java.util.Properties; - import java.util.concurrent.Future; -+import java.util.logging.Logger; - - import javax.sql.XAConnection; - -@@ -534,6 +536,14 @@ public class DataSourceProxy implements - } - - /** -+ * no-op -+ * {@link javax.sql.DataSource#getParentLogger} -+ */ -+ public Logger getParentLogger() throws SQLFeatureNotSupportedException { -+ throw new SQLFeatureNotSupportedException(); -+ } -+ -+ /** - * no-op - * {@link javax.sql.DataSource#getLogWriter} - */ diff --git a/sources b/sources index b76a2e2..08fad59 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1693d330f195366a6cd852bf3ce3eb95 apache-tomcat-7.0.33-src.tar.gz +f26a57bbb9713c1a101e37243eaa2175 apache-tomcat-7.0.65-src.tar.gz diff --git a/tomcat-7.0.57-CompilerOptionsV8.patch b/tomcat-7.0.57-CompilerOptionsV8.patch new file mode 100644 index 0000000..baf9fce --- /dev/null +++ b/tomcat-7.0.57-CompilerOptionsV8.patch @@ -0,0 +1,109 @@ +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2014-11-18 14:29:02.146042000 -0500 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2014-11-18 14:31:41.851597000 -0500 +@@ -67,7 +67,6 @@ + /** + * Compile the servlet from .java file to .class file + */ +- @Override + protected void generateClass(String[] smap) + throws FileNotFoundException, JasperException, Exception { + +@@ -98,12 +97,10 @@ + this.sourceFile = sourceFile; + } + +- @Override + public char[] getFileName() { + return sourceFile.toCharArray(); + } + +- @Override + public char[] getContents() { + char[] result = null; + FileInputStream is = null; +@@ -145,7 +142,6 @@ + return result; + } + +- @Override + public char[] getMainTypeName() { + int dot = className.lastIndexOf('.'); + if (dot > 0) { +@@ -154,7 +150,6 @@ + return className.toCharArray(); + } + +- @Override + public char[][] getPackageName() { + StringTokenizer izer = + new StringTokenizer(className, "."); +@@ -166,7 +161,6 @@ + return result; + } + +- @Override + public boolean ignoreOptionalProblems() { + return false; + } +@@ -174,7 +168,6 @@ + + final INameEnvironment env = new INameEnvironment() { + +- @Override + public NameEnvironmentAnswer + findType(char[][] compoundTypeName) { + String result = ""; +@@ -187,7 +180,6 @@ + return findType(result); + } + +- @Override + public NameEnvironmentAnswer + findType(char[] typeName, + char[][] packageName) { +@@ -269,7 +261,6 @@ + } + } + +- @Override + public boolean isPackage(char[][] parentPackageName, + char[] packageName) { + String result = ""; +@@ -293,7 +284,6 @@ + return isPackage(result); + } + +- @Override + public void cleanup() { + } + +@@ -342,9 +332,6 @@ + } else if(opt.equals("1.7")) { + settings.put(CompilerOptions.OPTION_Source, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_Source, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown source VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_Source, +@@ -386,11 +373,6 @@ + CompilerOptions.VERSION_1_7); + settings.put(CompilerOptions.OPTION_Compliance, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- CompilerOptions.VERSION_1_8); +- settings.put(CompilerOptions.OPTION_Compliance, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown target VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_TargetPlatform, +@@ -408,7 +390,6 @@ + new DefaultProblemFactory(Locale.getDefault()); + + final ICompilerRequestor requestor = new ICompilerRequestor() { +- @Override + public void acceptResult(CompilationResult result) { + try { + if (result.hasProblems()) { diff --git a/tomcat-7.0.65-build.patch b/tomcat-7.0.65-build.patch new file mode 100644 index 0000000..5e98385 --- /dev/null +++ b/tomcat-7.0.65-build.patch @@ -0,0 +1,53 @@ +--- build.xml 2015-12-11 07:27:23.026996172 -0500 ++++ build.xml 2015-12-11 07:29:46.762002209 -0500 +@@ -1042,12 +1042,11 @@ + + + +- +- ++ + + + +- ++ + + + +@@ -2826,7 +2825,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2857,7 +2856,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2886,7 +2885,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2927,7 +2926,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + diff --git a/tomcat.spec b/tomcat.spec index 67431be..3446a19 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 33 +%global micro_version 65 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,13 +53,13 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 4%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ -Source0: http://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz +Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig @@ -79,11 +79,13 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch +# Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 +Patch2: %{name}-7.0.57-CompilerOptionsV8.patch +# Adding patch to remove unsupport ant tasks/attributes +Patch3: %{name}-7.0.65-build.patch BuildArch: noarch -ExcludeArch: ppc64 - BuildRequires: ant BuildRequires: ant-nodeps BuildRequires: ant-trax @@ -94,7 +96,7 @@ BuildRequires: jakarta-commons-daemon BuildRequires: jakarta-commons-dbcp BuildRequires: jakarta-commons-pool BuildRequires: jakarta-taglibs-standard -BuildRequires: java-devel >= 1:1.6.0 +BuildRequires: java7-devel >= 1:1.7.0 BuildRequires: jpackage-utils >= 0:1.7.0 BuildRequires: junit BuildRequires: log4j @@ -164,6 +166,7 @@ Summary: Apache Tomcat JSP API implementation classes Provides: jsp = %{jspspec} Provides: jsp22 Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release} +Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release} Requires(post): chkconfig Requires(postun): chkconfig @@ -226,6 +229,9 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch0 -p0 %patch1 -p0 +%patch2 -p0 +%patch3 -p0 + %{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar @@ -257,6 +263,7 @@ export OPT_JAR_LIST="ant/ant-trax xalan-j2-serializer" -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ + -Djava.7.home=%{java_home} \ deploy dist-prepare dist-source javadoc # remove some jars that we'll replace with symlinks later @@ -526,8 +533,9 @@ fi %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} +%defattr(0664,tomcat,root,0770) +%attr(0770,tomcat,root) %dir %{logdir} %defattr(0664,root,tomcat,0770) -%attr(0770,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -622,6 +630,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 +- Updated to 7.0.65 + * Tue Apr 29 2014 Vlad Slepukhin 0:7.0.33-4 - Fixed bug not allowing Tomcat to start properly connected with access privleges to the logging directory - Removed residual systemd configuration from the wrapper From cecdb36d07e5da33ccf930cf7e4b7ea426719f4e Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 16 Nov 2015 09:10:29 -0500 Subject: [PATCH 18/79] Updated to 7.0.65 --- add_parent_logger_getter.patch | 29 ------- sources | 2 +- tomcat-7.0.57-CompilerOptionsV8.patch | 109 ++++++++++++++++++++++++++ tomcat-7.0.65-build.patch | 53 +++++++++++++ tomcat.spec | 27 +++++-- 5 files changed, 182 insertions(+), 38 deletions(-) delete mode 100644 add_parent_logger_getter.patch create mode 100644 tomcat-7.0.57-CompilerOptionsV8.patch create mode 100644 tomcat-7.0.65-build.patch diff --git a/add_parent_logger_getter.patch b/add_parent_logger_getter.patch deleted file mode 100644 index 40b9268..0000000 --- a/add_parent_logger_getter.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java.sav 2012-01-17 13:55:44.000000000 +0400 -+++ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java 2012-01-22 00:44:22.299789107 +0400 -@@ -19,9 +19,11 @@ package org.apache.tomcat.jdbc.pool; - import java.io.PrintWriter; - import java.sql.Connection; - import java.sql.SQLException; -+import java.sql.SQLFeatureNotSupportedException; - import java.util.Iterator; - import java.util.Properties; - import java.util.concurrent.Future; -+import java.util.logging.Logger; - - import javax.sql.XAConnection; - -@@ -534,6 +536,14 @@ public class DataSourceProxy implements - } - - /** -+ * no-op -+ * {@link javax.sql.DataSource#getParentLogger} -+ */ -+ public Logger getParentLogger() throws SQLFeatureNotSupportedException { -+ throw new SQLFeatureNotSupportedException(); -+ } -+ -+ /** - * no-op - * {@link javax.sql.DataSource#getLogWriter} - */ diff --git a/sources b/sources index b76a2e2..08fad59 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1693d330f195366a6cd852bf3ce3eb95 apache-tomcat-7.0.33-src.tar.gz +f26a57bbb9713c1a101e37243eaa2175 apache-tomcat-7.0.65-src.tar.gz diff --git a/tomcat-7.0.57-CompilerOptionsV8.patch b/tomcat-7.0.57-CompilerOptionsV8.patch new file mode 100644 index 0000000..baf9fce --- /dev/null +++ b/tomcat-7.0.57-CompilerOptionsV8.patch @@ -0,0 +1,109 @@ +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2014-11-18 14:29:02.146042000 -0500 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2014-11-18 14:31:41.851597000 -0500 +@@ -67,7 +67,6 @@ + /** + * Compile the servlet from .java file to .class file + */ +- @Override + protected void generateClass(String[] smap) + throws FileNotFoundException, JasperException, Exception { + +@@ -98,12 +97,10 @@ + this.sourceFile = sourceFile; + } + +- @Override + public char[] getFileName() { + return sourceFile.toCharArray(); + } + +- @Override + public char[] getContents() { + char[] result = null; + FileInputStream is = null; +@@ -145,7 +142,6 @@ + return result; + } + +- @Override + public char[] getMainTypeName() { + int dot = className.lastIndexOf('.'); + if (dot > 0) { +@@ -154,7 +150,6 @@ + return className.toCharArray(); + } + +- @Override + public char[][] getPackageName() { + StringTokenizer izer = + new StringTokenizer(className, "."); +@@ -166,7 +161,6 @@ + return result; + } + +- @Override + public boolean ignoreOptionalProblems() { + return false; + } +@@ -174,7 +168,6 @@ + + final INameEnvironment env = new INameEnvironment() { + +- @Override + public NameEnvironmentAnswer + findType(char[][] compoundTypeName) { + String result = ""; +@@ -187,7 +180,6 @@ + return findType(result); + } + +- @Override + public NameEnvironmentAnswer + findType(char[] typeName, + char[][] packageName) { +@@ -269,7 +261,6 @@ + } + } + +- @Override + public boolean isPackage(char[][] parentPackageName, + char[] packageName) { + String result = ""; +@@ -293,7 +284,6 @@ + return isPackage(result); + } + +- @Override + public void cleanup() { + } + +@@ -342,9 +332,6 @@ + } else if(opt.equals("1.7")) { + settings.put(CompilerOptions.OPTION_Source, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_Source, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown source VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_Source, +@@ -386,11 +373,6 @@ + CompilerOptions.VERSION_1_7); + settings.put(CompilerOptions.OPTION_Compliance, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- CompilerOptions.VERSION_1_8); +- settings.put(CompilerOptions.OPTION_Compliance, +- CompilerOptions.VERSION_1_8); + } else { + log.warn("Unknown target VM " + opt + " ignored."); + settings.put(CompilerOptions.OPTION_TargetPlatform, +@@ -408,7 +390,6 @@ + new DefaultProblemFactory(Locale.getDefault()); + + final ICompilerRequestor requestor = new ICompilerRequestor() { +- @Override + public void acceptResult(CompilationResult result) { + try { + if (result.hasProblems()) { diff --git a/tomcat-7.0.65-build.patch b/tomcat-7.0.65-build.patch new file mode 100644 index 0000000..5e98385 --- /dev/null +++ b/tomcat-7.0.65-build.patch @@ -0,0 +1,53 @@ +--- build.xml 2015-12-11 07:27:23.026996172 -0500 ++++ build.xml 2015-12-11 07:29:46.762002209 -0500 +@@ -1042,12 +1042,11 @@ + + + +- +- ++ + + + +- ++ + + + +@@ -2826,7 +2825,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2857,7 +2856,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2886,7 +2885,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + +@@ -2927,7 +2926,7 @@ Apache Tomcat ${version} native binaries + + + +- ++ + + + diff --git a/tomcat.spec b/tomcat.spec index 67431be..167c04d 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 33 +%global micro_version 65 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,13 +53,13 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 4%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ -Source0: http://archive.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz +Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init Source3: %{name}-%{major_version}.%{minor_version}.sysconfig @@ -79,11 +79,13 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch +# Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 +Patch2: %{name}-7.0.57-CompilerOptionsV8.patch +# Adding patch to remove unsupport ant tasks/attributes +Patch3: %{name}-7.0.65-build.patch BuildArch: noarch -ExcludeArch: ppc64 - BuildRequires: ant BuildRequires: ant-nodeps BuildRequires: ant-trax @@ -94,7 +96,7 @@ BuildRequires: jakarta-commons-daemon BuildRequires: jakarta-commons-dbcp BuildRequires: jakarta-commons-pool BuildRequires: jakarta-taglibs-standard -BuildRequires: java-devel >= 1:1.6.0 +BuildRequires: java7-devel >= 1:1.7.0 BuildRequires: jpackage-utils >= 0:1.7.0 BuildRequires: junit BuildRequires: log4j @@ -164,6 +166,7 @@ Summary: Apache Tomcat JSP API implementation classes Provides: jsp = %{jspspec} Provides: jsp22 Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release} +Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release} Requires(post): chkconfig Requires(postun): chkconfig @@ -226,11 +229,14 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch0 -p0 %patch1 -p0 +%patch2 -p0 +%patch3 -p0 + %{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar %build -export OPT_JAR_LIST="ant/ant-trax xalan-j2-serializer" +export OPT_JAR_LIST="ant/ant-trax ant/ant-nodeps xalan-j2-serializer" # we don't care about the tarballs and we're going to replace # tomcat-dbcp.jar with jakarta-commons-{collections,dbcp,pool}-tomcat5.jar # so just create a dummy file for later removal @@ -257,6 +263,7 @@ export OPT_JAR_LIST="ant/ant-trax xalan-j2-serializer" -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ + -Djava.7.home=%{java_home} \ deploy dist-prepare dist-source javadoc # remove some jars that we'll replace with symlinks later @@ -526,8 +533,9 @@ fi %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} +%defattr(0664,tomcat,root,0770) +%attr(0770,tomcat,root) %dir %{logdir} %defattr(0664,root,tomcat,0770) -%attr(0770,root,tomcat) %dir %{logdir} %attr(0660,tomcat,tomcat) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} @@ -622,6 +630,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 +- Updated to 7.0.65 + * Tue Apr 29 2014 Vlad Slepukhin 0:7.0.33-4 - Fixed bug not allowing Tomcat to start properly connected with access privleges to the logging directory - Removed residual systemd configuration from the wrapper From f277685a2851ac3f50ef616c5af4ac0b9483c86e Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 4 Jan 2016 16:16:07 -0500 Subject: [PATCH 19/79] Adding back the ppc64 exclusion because java7 doesn't exist on ppc64. --- tomcat.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tomcat.spec b/tomcat.spec index 167c04d..eada7ab 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -86,6 +86,8 @@ Patch3: %{name}-7.0.65-build.patch BuildArch: noarch +ExcludeArch: ppc64 + BuildRequires: ant BuildRequires: ant-nodeps BuildRequires: ant-trax From da5404f2d4e040aada61c37b8e4c222b045e569b Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 1 Jul 2016 12:49:22 -0400 Subject: [PATCH 20/79] Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html --- tomcat.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index eada7ab..98e2e0a 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -339,7 +339,7 @@ pushd output/build %{__cp} -a webapps/* ${RPM_BUILD_ROOT}%{appdir} popd # javadoc -%{__cp} -a webapps/docs/api/* ${RPM_BUILD_ROOT}%{_javadocdir}/%{name} +%{__cp} -a output/dist/webapps/docs/api/* ${RPM_BUILD_ROOT}%{_javadocdir}/%{name} %{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \ -e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \ @@ -632,6 +632,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Jul 01 2016 Coty Sutherland 0:7.0.65-2 +- Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html + * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From b225805ced6eed068da3e2c4f9b65951fdba0d1b Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 09:43:24 -0400 Subject: [PATCH 21/79] Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) --- tomcat-7.0-catalina-policy.patch | 38 ++++++++++++++++++++++++++++++++ tomcat.spec | 7 +++++- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 tomcat-7.0-catalina-policy.patch diff --git a/tomcat-7.0-catalina-policy.patch b/tomcat-7.0-catalina-policy.patch new file mode 100644 index 0000000..0666d07 --- /dev/null +++ b/tomcat-7.0-catalina-policy.patch @@ -0,0 +1,38 @@ +--- conf/catalina.policy 2016-07-07 16:31:44.473000159 -0400 ++++ conf/catalina.policy 2016-07-07 16:32:14.349000359 -0400 +@@ -51,6 +51,36 @@ + }; + + ++// ========== RHEL SPECIFIC CODE PERMISSIONS ======================================= ++ ++// Allowing everything in /usr/share/java allows too many unknowns to be permitted ++// Specifying the individual jars that tomcat needs to function with the security manager ++// is the safest way forward. ++grant codeBase "file:/usr/share/java/tomcat-el-2.2-api.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/tomcat-jsp-2.2-api.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/tomcat-servlet-3.0-api.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/jakarta-commons-collections.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/jakarta-commons-dbcp.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/ecj.jar" { ++ permission java.security.AllPermission; ++}; ++grant codeBase "file:/usr/share/java/log4j.jar" { ++ permission java.security.AllPermission; ++}; ++ + // ========== CATALINA CODE PERMISSIONS ======================================= + diff --git a/tomcat.spec b/tomcat.spec index 98e2e0a..a7bac4f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -59,6 +59,7 @@ Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{js Group: System Environment/Daemons License: ASL 2.0 URL: http://tomcat.apache.org/ + Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz Source1: %{name}-%{major_version}.%{minor_version}.conf Source2: %{name}-%{major_version}.%{minor_version}.init @@ -83,6 +84,7 @@ Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.pat Patch2: %{name}-7.0.57-CompilerOptionsV8.patch # Adding patch to remove unsupport ant tasks/attributes Patch3: %{name}-7.0.65-build.patch +Patch4: %{name}-7.0-catalina-policy.patch BuildArch: noarch @@ -103,6 +105,7 @@ BuildRequires: jpackage-utils >= 0:1.7.0 BuildRequires: junit BuildRequires: log4j BuildRequires: wsdl4j + Requires: jakarta-commons-daemon Requires: jakarta-commons-logging Requires: jakarta-commons-collections @@ -233,6 +236,7 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch1 -p0 %patch2 -p0 %patch3 -p0 +%patch4 -p0 %{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar @@ -632,8 +636,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Fri Jul 01 2016 Coty Sutherland 0:7.0.65-2 +* Fri Aug 05 2016 Coty Sutherland 0:7.0.65-2 - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html +- Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From aa5454a96d7b783b3214ed97916b868918b21e26 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 09:46:24 -0400 Subject: [PATCH 22/79] Related: rhbz#1347838 I noticed an erroneous block in the policy patch. Removed it. --- tomcat-7.0-catalina-policy.patch | 3 --- 1 file changed, 3 deletions(-) diff --git a/tomcat-7.0-catalina-policy.patch b/tomcat-7.0-catalina-policy.patch index 0666d07..3f7dbc7 100644 --- a/tomcat-7.0-catalina-policy.patch +++ b/tomcat-7.0-catalina-policy.patch @@ -12,9 +12,6 @@ +grant codeBase "file:/usr/share/java/tomcat-el-2.2-api.jar" { + permission java.security.AllPermission; +}; -+grant codeBase "file:" { -+ permission java.security.AllPermission; -+}; +grant codeBase "file:/usr/share/java/tomcat-jsp-2.2-api.jar" { + permission java.security.AllPermission; +}; From 24b2b7a82d1aee958e8506df1564d489d1f193fb Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 14 Apr 2016 15:39:12 -0400 Subject: [PATCH 23/79] Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out --- tomcat.spec | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index a7bac4f..8903bd6 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -542,8 +542,8 @@ fi %defattr(0664,tomcat,root,0770) %attr(0770,tomcat,root) %dir %{logdir} %defattr(0664,root,tomcat,0770) -%attr(0660,tomcat,tomcat) %{logdir}/catalina.out -%attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid +%attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out +%attr(0644,tomcat,tomcat) %verify(not size md5 mtime) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} %attr(0770,root,tomcat) %dir %{tempdir} %attr(0770,root,tomcat) %dir %{workdir} @@ -639,6 +639,7 @@ fi * Fri Aug 05 2016 Coty Sutherland 0:7.0.65-2 - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html - Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) +- Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 8e804f0efdd370ea629a9822ebbb5d11618ef964 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 09:56:41 -0400 Subject: [PATCH 24/79] Resolved: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped --- tomcat.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/tomcat.spec b/tomcat.spec index 8903bd6..3956c3c 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -640,6 +640,7 @@ fi - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html - Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) - Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out +- Resolved: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 56cc1dee84c0793aed116417146433a6ab9a6419 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 09:57:40 -0400 Subject: [PATCH 25/79] Related: rhbz#1314177 Forgot to commit to init change... --- tomcat-7.0.init | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index f5269f5..f1b6d2d 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -288,7 +288,7 @@ case "$1" in RETVAL="1" fi else - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} java)" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f \"${NAME}[ $]\")" if [ -z "$pid" ]; then # status ${NAME} # RETVAL="$?" @@ -300,7 +300,7 @@ case "$1" in fi fi if [ -f /var/lock/subsys/${NAME} ]; then - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} java)" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f \"${NAME}[ $]\")" # The lockfile exists but the process is not running if [ -z "$pid" ]; then log_failure_msg "${NAME} lockfile exists but process is not running" From 93f643e335a2cf28b8ac471dc7e9f777fd3e57e7 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 10:02:54 -0400 Subject: [PATCH 26/79] Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable --- tomcat-7.0.init | 2 +- tomcat.spec | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index f1b6d2d..a3fd004 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -58,7 +58,7 @@ fi CONNECTOR_PORT="${CONNECTOR_PORT:-8080}" # Path to the tomcat launch script -TOMCAT_SCRIPT="/usr/sbin/tomcat" +TOMCAT_SCRIPT="${TOMCAT_SCRIPT:-/usr/sbin/tomcat}" # Tomcat program name TOMCAT_PROG="${NAME}" diff --git a/tomcat.spec b/tomcat.spec index 3956c3c..62ef199 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -640,7 +640,8 @@ fi - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html - Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) - Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out -- Resolved: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped +- Resolves: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped +- Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From bbe9e2eb9c49750763f44aad94c0ba0c08091ebc Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 2 Feb 2016 22:35:50 -0500 Subject: [PATCH 27/79] Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat --- tomcat-7.0.init | 21 +++++++++++---------- tomcat.spec | 1 + 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index a3fd004..bf0b5fc 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -69,6 +69,8 @@ TOMCAT_USER="${TOMCAT_USER:-tomcat}" # Define the tomcat log file TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}" +# Define the tomcat pid file +CATALINA_PID="${CATALINA_PID:-/var/run/${NAME}.pid}" RETVAL="0" @@ -149,8 +151,8 @@ function start() { return fi if [ -f "/var/lock/subsys/${NAME}" ]; then - if [ -s "/var/run/${NAME}.pid" ]; then - read kpid < /var/run/${NAME}.pid + if [ -s "$CATALINA_PID" ]; then + read kpid < $CATALINA_PID # if checkpid $kpid 2>&1; then if [ -d "/proc/${kpid}" ]; then log_success_msg @@ -162,7 +164,6 @@ function start() { fi fi # fix permissions on the log and pid files - export CATALINA_PID="/var/run/${NAME}.pid" touch $CATALINA_PID 2>&1 || RETVAL="4" if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID @@ -210,8 +211,8 @@ function stop() { fi if [ "$RETVAL" -eq "0" ]; then count="0" - if [ -s "/var/run/${NAME}.pid" ]; then - read kpid < /var/run/${NAME}.pid + if [ -s "$CATALINA_PID" ]; then + read kpid < $CATALINA_PID until [ "$(ps --pid $kpid | grep -c $kpid)" -eq "0" ] || \ [ "$count" -gt "$SHUTDOWN_WAIT" ]; do if [ "$SHUTDOWN_VERBOSE" = "true" ]; then @@ -228,7 +229,7 @@ function stop() { fi log_success_msg fi - rm -f /var/lock/subsys/${NAME} /var/run/${NAME}.pid + rm -f /var/lock/subsys/${NAME} $CATALINA_PID else log_failure_msg RETVAL="4" @@ -262,7 +263,7 @@ case "$1" in start ;; condrestart|try-restart) - if [ -s "/var/run/${NAME}.pid" ]; then + if [ -s "$CATALINA_PID" ]; then stop start fi @@ -271,14 +272,14 @@ case "$1" in RETVAL="3" ;; force-reload) - if [ -s "/var/run/${NAME}.pid" ]; then + if [ -s "$CATALINA_PID" ]; then stop start fi ;; status) - if [ -s "/var/run/${NAME}.pid" ]; then - read kpid < /var/run/${NAME}.pid + if [ -s "$CATALINA_PID" ]; then + read kpid < $CATALINA_PID if [ -d "/proc/${kpid}" ]; then log_success_msg "${NAME} (pid ${kpid}) is running..." RETVAL="0" diff --git a/tomcat.spec b/tomcat.spec index 62ef199..a55bd56 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -642,6 +642,7 @@ fi - Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out - Resolves: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped - Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable +- Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 694a0068763cf44eabe6b8fba7816a1a7e8698ca Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 10 Feb 2016 14:58:16 -0500 Subject: [PATCH 28/79] Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} --- tomcat-7.0.conf | 3 +++ tomcat-7.0.wrapper | 13 ++++++++----- tomcat.spec | 1 + 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/tomcat-7.0.conf b/tomcat-7.0.conf index a500479..327cdd9 100644 --- a/tomcat-7.0.conf +++ b/tomcat-7.0.conf @@ -8,6 +8,9 @@ # (see, for instance, /etc/sysconfig/tomcat) # +# This variable is used to figure out if config is loaded or not. +TOMCAT_CFG_LOADED="1" + # Where your java installation lives JAVA_HOME="/usr/lib/jvm/jre" diff --git a/tomcat-7.0.wrapper b/tomcat-7.0.wrapper index d6db6e8..61b25c3 100644 --- a/tomcat-7.0.wrapper +++ b/tomcat-7.0.wrapper @@ -8,12 +8,15 @@ else fi # Get the tomcat config (use this for environment specific settings) -if [ -z "${TOMCAT_CFG}" ]; then - TOMCAT_CFG="/etc/tomcat/tomcat.conf" -fi +# if $TOMCAT_CFG wasn't already loaded +if [ -z "${TOMCAT_CFG_LOADED}" ]; then + if [ -z "${TOMCAT_CFG}" ]; then + TOMCAT_CFG="/etc/tomcat/tomcat.conf" + fi -if [ -r "$TOMCAT_CFG" ]; then - . $TOMCAT_CFG + if [ -r "$TOMCAT_CFG" ]; then + . $TOMCAT_CFG + fi fi set_javacmd diff --git a/tomcat.spec b/tomcat.spec index a55bd56..723ab0c 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -643,6 +643,7 @@ fi - Resolves: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped - Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable - Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat +- Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From bac4255793e25db3745b44deaf310421c9b98215 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 10:13:20 -0400 Subject: [PATCH 29/79] Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken --- tomcat-7.0-tool-wrapper.script | 2 +- tomcat.spec | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tomcat-7.0-tool-wrapper.script b/tomcat-7.0-tool-wrapper.script index 2640ce2..a43568b 100644 --- a/tomcat-7.0-tool-wrapper.script +++ b/tomcat-7.0-tool-wrapper.script @@ -34,7 +34,7 @@ export CLASSPATH MAIN_CLASS="org.apache.catalina.startup.Tool" BASE_OPTIONS="" BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\"" -BASE_JARS="commons-daemon tomcat/catalina servlet" +BASE_JARS="commons-daemon tomcat/catalina servlet tomcat/tomcat-util tomcat/tomcat-coyote" # Set parameters set_classpath $BASE_JARS diff --git a/tomcat.spec b/tomcat.spec index 723ab0c..e269eed 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -644,6 +644,7 @@ fi - Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable - Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat - Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} +- Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 109dad6dbb4ac8056e6b5c62b445717b403667da Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 10:17:32 -0400 Subject: [PATCH 30/79] Resolves: rhbz#1364068 The command tomcat-digest doesn't work --- tomcat-7.0-digest.script | 2 +- tomcat.spec | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tomcat-7.0-digest.script b/tomcat-7.0-digest.script index 2ff7e64..86f05ec 100644 --- a/tomcat-7.0-digest.script +++ b/tomcat-7.0-digest.script @@ -34,7 +34,7 @@ export CLASSPATH MAIN_CLASS="org.apache.catalina.startup.Tool" BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\"" BASE_OPTIONS="" -BASE_JARS="commons-daemon tomcat/catalina servlet" +BASE_JARS="commons-daemon tomcat/catalina servlet tomcat/tomcat-util tomcat/tomcat-coyote" # Set parameters set_classpath $BASE_JARS diff --git a/tomcat.spec b/tomcat.spec index e269eed..832f606 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -645,6 +645,7 @@ fi - Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat - Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} - Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken +- Resolves: rhbz#1364068 The command tomcat-digest doesn't work * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 8c1e26a72440fad616c20aa4deaa46033222c695 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 28 Mar 2016 15:18:37 -0400 Subject: [PATCH 31/79] Resolves: rhbz#1311499 Updating package causes tomcat to not start on boot --- tomcat.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 832f606..84b8203 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -504,9 +504,11 @@ EOF %preun # clean tempdir and workdir on removal or upgrade -%{_initrddir}/%{name} stop >/dev/null 2>&1 -/sbin/chkconfig --del %{name} %{__rm} -rf %{workdir}/* %{tempdir}/* +if [ "$1" = "0" ]; then + %{_initrddir}/%{name} stop >/dev/null 2>&1 + /sbin/chkconfig --del %{name} +fi %postun jsp-%{jspspec}-api if [ "$1" = "0" ]; then @@ -646,6 +648,7 @@ fi - Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} - Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken - Resolves: rhbz#1364068 The command tomcat-digest doesn't work +- Resolves: rhbz#1311499 Updating package causes tomcat to not start on boot * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 7cac3fa020f621b14a3c9f807c7c5ac8aea02f72 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 1 Jul 2016 08:56:41 -0400 Subject: [PATCH 32/79] Resolves: rhbz#1352009 tomcat: multiple security vulnerabilities (updates to 7.0.70) This patch also removed the references to jaxrpc since the jar file is emtpy anyway. It was causing the javadoc phase to crash, so removing it resolves the build failure. --- .gitignore | 2 +- sources | 2 +- tomcat-7.0-tomcat-users-webapp.patch | 6 +-- ...h => tomcat-7.0.70-CompilerOptionsV8.patch | 50 +++++++++---------- ...5-build.patch => tomcat-7.0.70-build.patch | 40 +++++++++++---- tomcat.spec | 9 ++-- 6 files changed, 65 insertions(+), 44 deletions(-) rename tomcat-7.0.57-CompilerOptionsV8.patch => tomcat-7.0.70-CompilerOptionsV8.patch (73%) rename tomcat-7.0.65-build.patch => tomcat-7.0.70-build.patch (71%) diff --git a/.gitignore b/.gitignore index fd61fdd..27051a9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ apache-tomcat-*-src.tar.gz - +apache-tomcat-*-src diff --git a/sources b/sources index 08fad59..e0d7898 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f26a57bbb9713c1a101e37243eaa2175 apache-tomcat-7.0.65-src.tar.gz +0f56c888df5002cce25fce91634a65c9 apache-tomcat-7.0.70-src.tar.gz diff --git a/tomcat-7.0-tomcat-users-webapp.patch b/tomcat-7.0-tomcat-users-webapp.patch index 9f05e37..860c4cf 100644 --- a/tomcat-7.0-tomcat-users-webapp.patch +++ b/tomcat-7.0-tomcat-users-webapp.patch @@ -1,8 +1,8 @@ --- conf/tomcat-users.xml~ 2008-01-28 17:41:06.000000000 -0500 +++ conf/tomcat-users.xml 2008-03-07 19:40:07.000000000 -0500 @@ -23,4 +23,14 @@ - - + + --> + + @@ -13,5 +13,5 @@ + + + -+ ++ diff --git a/tomcat-7.0.57-CompilerOptionsV8.patch b/tomcat-7.0.70-CompilerOptionsV8.patch similarity index 73% rename from tomcat-7.0.57-CompilerOptionsV8.patch rename to tomcat-7.0.70-CompilerOptionsV8.patch index baf9fce..1edba43 100644 --- a/tomcat-7.0.57-CompilerOptionsV8.patch +++ b/tomcat-7.0.70-CompilerOptionsV8.patch @@ -1,43 +1,43 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2014-11-18 14:29:02.146042000 -0500 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2014-11-18 14:31:41.851597000 -0500 -@@ -67,7 +67,6 @@ +--- java/org/apache/jasper/compiler/JDTCompiler.java~ 2016-06-16 09:53:52.793827761 -0400 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2016-06-16 09:59:29.809134932 -0400 +@@ -67,7 +67,6 @@ public class JDTCompiler extends org.apa /** * Compile the servlet from .java file to .class file */ - @Override protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { - -@@ -98,12 +97,10 @@ + +@@ -98,12 +97,10 @@ public class JDTCompiler extends org.apa this.sourceFile = sourceFile; } - + - @Override public char[] getFileName() { return sourceFile.toCharArray(); } - + - @Override public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -145,7 +142,6 @@ +@@ -145,7 +142,6 @@ public class JDTCompiler extends org.apa return result; } - + - @Override public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -154,7 +150,6 @@ +@@ -154,7 +150,6 @@ public class JDTCompiler extends org.apa return className.toCharArray(); } - + - @Override public char[][] getPackageName() { StringTokenizer izer = new StringTokenizer(className, "."); -@@ -166,7 +161,6 @@ +@@ -166,7 +161,6 @@ public class JDTCompiler extends org.apa return result; } @@ -45,39 +45,39 @@ public boolean ignoreOptionalProblems() { return false; } -@@ -174,7 +168,6 @@ +@@ -174,7 +168,6 @@ public class JDTCompiler extends org.apa final INameEnvironment env = new INameEnvironment() { - @Override public NameEnvironmentAnswer findType(char[][] compoundTypeName) { - String result = ""; -@@ -187,7 +180,6 @@ - return findType(result); + StringBuilder result = new StringBuilder(); +@@ -187,7 +180,6 @@ public class JDTCompiler extends org.apa + return findType(result.toString()); } - @Override public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) { -@@ -269,7 +261,6 @@ +@@ -269,7 +261,6 @@ public class JDTCompiler extends org.apa } } - + - @Override public boolean isPackage(char[][] parentPackageName, char[] packageName) { - String result = ""; -@@ -293,7 +284,6 @@ - return isPackage(result); + StringBuilder result = new StringBuilder(); +@@ -291,7 +282,6 @@ public class JDTCompiler extends org.apa + return isPackage(result.toString()); } - @Override public void cleanup() { } -@@ -342,9 +332,6 @@ +@@ -340,9 +330,6 @@ public class JDTCompiler extends org.apa } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); @@ -87,7 +87,7 @@ } else { log.warn("Unknown source VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_Source, -@@ -386,11 +373,6 @@ +@@ -384,11 +371,6 @@ public class JDTCompiler extends org.apa CompilerOptions.VERSION_1_7); settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_1_7); @@ -99,9 +99,9 @@ } else { log.warn("Unknown target VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -408,7 +390,6 @@ +@@ -406,7 +388,6 @@ public class JDTCompiler extends org.apa new DefaultProblemFactory(Locale.getDefault()); - + final ICompilerRequestor requestor = new ICompilerRequestor() { - @Override public void acceptResult(CompilationResult result) { diff --git a/tomcat-7.0.65-build.patch b/tomcat-7.0.70-build.patch similarity index 71% rename from tomcat-7.0.65-build.patch rename to tomcat-7.0.70-build.patch index 5e98385..6c8d8cc 100644 --- a/tomcat-7.0.65-build.patch +++ b/tomcat-7.0.70-build.patch @@ -1,8 +1,17 @@ ---- build.xml 2015-12-11 07:27:23.026996172 -0500 -+++ build.xml 2015-12-11 07:29:46.762002209 -0500 -@@ -1042,12 +1042,11 @@ +--- build.xml.orig 2016-06-15 12:45:47.000000000 -0400 ++++ build.xml 2016-07-01 12:01:58.494022657 -0400 +@@ -213,7 +213,7 @@ + + + +- ++ + + + +@@ -1046,12 +1046,11 @@ - + - - @@ -15,7 +24,18 @@ -@@ -2826,7 +2825,7 @@ Apache Tomcat ${version} native binaries +@@ -1699,8 +1698,8 @@ + + + +- ++ + + +@@ -2814,7 +2813,7 @@ @@ -24,7 +44,7 @@ -@@ -2857,7 +2856,7 @@ Apache Tomcat ${version} native binaries +@@ -2845,7 +2844,7 @@ @@ -33,7 +53,7 @@ -@@ -2886,7 +2885,7 @@ Apache Tomcat ${version} native binaries +@@ -2874,7 +2873,7 @@ @@ -42,12 +62,12 @@ -@@ -2927,7 +2926,7 @@ Apache Tomcat ${version} native binaries - +@@ -2915,7 +2914,7 @@ + - + - + diff --git a/tomcat.spec b/tomcat.spec index 84b8203..d45dcc3 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 65 +%global micro_version 70 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -81,9 +81,9 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 -Patch2: %{name}-7.0.57-CompilerOptionsV8.patch +Patch2: %{name}-7.0.70-CompilerOptionsV8.patch # Adding patch to remove unsupport ant tasks/attributes -Patch3: %{name}-7.0.65-build.patch +Patch3: %{name}-7.0.70-build.patch Patch4: %{name}-7.0-catalina-policy.patch BuildArch: noarch @@ -638,7 +638,7 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Fri Aug 05 2016 Coty Sutherland 0:7.0.65-2 +* Fri Aug 05 2016 Coty Sutherland 0:7.0.70-1 - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html - Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) - Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out @@ -649,6 +649,7 @@ fi - Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken - Resolves: rhbz#1364068 The command tomcat-digest doesn't work - Resolves: rhbz#1311499 Updating package causes tomcat to not start on boot +- Resolves: rhbz#1352009 tomcat: multiple security vulnerabilities (updates to 7.0.70) * Fri Nov 13 2015 Coty Sutherland 0:7.0.65-1 - Updated to 7.0.65 From 817844a3cdb31b8b0b95d477fe424d6ff3aabaf9 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 11:17:22 -0400 Subject: [PATCH 33/79] Apparently my attention to detail caused a problem here. Whitespace cleaned up in my patch files caused them to fail to apply :( --- tomcat-7.0-catalina-policy.patch | 8 +++-- tomcat-7.0.70-CompilerOptionsV8.patch | 42 +++++++++++++-------------- 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/tomcat-7.0-catalina-policy.patch b/tomcat-7.0-catalina-policy.patch index 3f7dbc7..494e696 100644 --- a/tomcat-7.0-catalina-policy.patch +++ b/tomcat-7.0-catalina-policy.patch @@ -1,6 +1,6 @@ ---- conf/catalina.policy 2016-07-07 16:31:44.473000159 -0400 -+++ conf/catalina.policy 2016-07-07 16:32:14.349000359 -0400 -@@ -51,6 +51,36 @@ +--- conf/catalina.policy.orig 2016-08-05 11:13:17.192398668 -0400 ++++ conf/catalina.policy 2016-08-05 11:13:40.855396127 -0400 +@@ -51,6 +51,34 @@ }; @@ -30,6 +30,8 @@ +grant codeBase "file:/usr/share/java/log4j.jar" { + permission java.security.AllPermission; +}; ++ + // ========== CATALINA CODE PERMISSIONS ======================================= + diff --git a/tomcat-7.0.70-CompilerOptionsV8.patch b/tomcat-7.0.70-CompilerOptionsV8.patch index 1edba43..63c352f 100644 --- a/tomcat-7.0.70-CompilerOptionsV8.patch +++ b/tomcat-7.0.70-CompilerOptionsV8.patch @@ -1,43 +1,43 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java~ 2016-06-16 09:53:52.793827761 -0400 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2016-06-16 09:59:29.809134932 -0400 -@@ -67,7 +67,6 @@ public class JDTCompiler extends org.apa +--- java/org/apache/jasper/compiler/JDTCompiler.java 2016-08-05 10:42:20.654618855 -0400 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2016-08-05 10:44:51.486599219 -0400 +@@ -67,7 +67,6 @@ /** * Compile the servlet from .java file to .class file */ - @Override protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { - -@@ -98,12 +97,10 @@ public class JDTCompiler extends org.apa + +@@ -98,12 +97,10 @@ this.sourceFile = sourceFile; } - + - @Override public char[] getFileName() { return sourceFile.toCharArray(); } - + - @Override public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -145,7 +142,6 @@ public class JDTCompiler extends org.apa +@@ -145,7 +142,6 @@ return result; } - + - @Override public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -154,7 +150,6 @@ public class JDTCompiler extends org.apa +@@ -154,7 +150,6 @@ return className.toCharArray(); } - + - @Override public char[][] getPackageName() { StringTokenizer izer = new StringTokenizer(className, "."); -@@ -166,7 +161,6 @@ public class JDTCompiler extends org.apa +@@ -166,7 +161,6 @@ return result; } @@ -45,7 +45,7 @@ public boolean ignoreOptionalProblems() { return false; } -@@ -174,7 +168,6 @@ public class JDTCompiler extends org.apa +@@ -174,7 +168,6 @@ final INameEnvironment env = new INameEnvironment() { @@ -53,7 +53,7 @@ public NameEnvironmentAnswer findType(char[][] compoundTypeName) { StringBuilder result = new StringBuilder(); -@@ -187,7 +180,6 @@ public class JDTCompiler extends org.apa +@@ -187,7 +180,6 @@ return findType(result.toString()); } @@ -61,15 +61,15 @@ public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) { -@@ -269,7 +261,6 @@ public class JDTCompiler extends org.apa +@@ -269,7 +261,6 @@ } } - + - @Override public boolean isPackage(char[][] parentPackageName, char[] packageName) { StringBuilder result = new StringBuilder(); -@@ -291,7 +282,6 @@ public class JDTCompiler extends org.apa +@@ -291,7 +282,6 @@ return isPackage(result.toString()); } @@ -77,7 +77,7 @@ public void cleanup() { } -@@ -340,9 +330,6 @@ public class JDTCompiler extends org.apa +@@ -340,9 +330,6 @@ } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); @@ -87,7 +87,7 @@ } else { log.warn("Unknown source VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_Source, -@@ -384,11 +371,6 @@ public class JDTCompiler extends org.apa +@@ -384,11 +371,6 @@ CompilerOptions.VERSION_1_7); settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_1_7); @@ -99,9 +99,9 @@ } else { log.warn("Unknown target VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -406,7 +388,6 @@ public class JDTCompiler extends org.apa +@@ -406,7 +388,6 @@ new DefaultProblemFactory(Locale.getDefault()); - + final ICompilerRequestor requestor = new ICompilerRequestor() { - @Override public void acceptResult(CompilationResult result) { From 79044f754b1bc1be7685f9e57f2fbbd4e2edb903 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 11:23:57 -0400 Subject: [PATCH 34/79] Updating the release to 1 for the first build of 7.0.70 --- tomcat.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index d45dcc3..eab6bcb 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons From 36a3e9ffec3336d29483c6830c171ed09e9b1254 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 15:17:10 -0400 Subject: [PATCH 35/79] Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval --- tomcat-7.0.init | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index bf0b5fc..c020083 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -289,7 +289,7 @@ case "$1" in RETVAL="1" fi else - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f \"${NAME}[ $]\")" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "${NAME}[ $]")" if [ -z "$pid" ]; then # status ${NAME} # RETVAL="$?" @@ -301,7 +301,7 @@ case "$1" in fi fi if [ -f /var/lock/subsys/${NAME} ]; then - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f \"${NAME}[ $]\")" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "${NAME}[ $]")" # The lockfile exists but the process is not running if [ -z "$pid" ]; then log_failure_msg "${NAME} lockfile exists but process is not running" From 35e239433c7a32610637e9ef671c9e03e13d3a8b Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 5 Aug 2016 15:21:26 -0400 Subject: [PATCH 36/79] Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval. Bumping release to rebuild --- tomcat.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index eab6bcb..099b39e 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -638,6 +638,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Aug 05 2016 Coty Sutherland 0:7.0.70-2 +- Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval + * Fri Aug 05 2016 Coty Sutherland 0:7.0.70-1 - Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html - Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) From 5a42e79227cf45c151135f19465a8c13d3778f8a Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 17 Aug 2016 16:06:51 -0400 Subject: [PATCH 37/79] Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) --- tomcat.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 099b39e..3cc6dcd 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 3%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -117,8 +117,8 @@ Requires: %{name}-lib = %{epoch}:%{version}-%{release} Requires(pre): shadow-utils Requires(post): chkconfig Requires(preun): chkconfig -Requires(post): redhat-lsb -Requires(preun): redhat-lsb +Requires(post): /lib/lsb/init-functions +Requires(preun): /lib/lsb/init-functions %description Tomcat is the servlet container that is used in the official Reference @@ -638,6 +638,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Aug 17 2016 Coty Sutherland 0:7.0.70-3 +- Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) + * Fri Aug 05 2016 Coty Sutherland 0:7.0.70-2 - Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval From 25759ac67c46a47304d707404f1f002e3834a014 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 23 Sep 2016 16:32:11 -0400 Subject: [PATCH 38/79] Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header --- sources | 2 +- tomcat.spec | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/sources b/sources index e0d7898..7e4e264 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0f56c888df5002cce25fce91634a65c9 apache-tomcat-7.0.70-src.tar.gz +e176d014e49685e2642f7abd8eb7b53b apache-tomcat-7.0.72-src.tar.gz diff --git a/tomcat.spec b/tomcat.spec index 3cc6dcd..2db8839 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 70 +%global micro_version 72 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -638,6 +638,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Sep 23 2016 Coty Sutherland 0:7.0.70-4 +- Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header + * Wed Aug 17 2016 Coty Sutherland 0:7.0.70-3 - Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) From 2d519e3c751dbe637f62af1d288ba38f783b53be Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 23 Sep 2016 16:59:38 -0400 Subject: [PATCH 39/79] Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script --- tomcat-7.0.init | 11 ++++++++--- tomcat.spec | 1 + 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index c020083..f3a4f2b 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -66,6 +66,9 @@ TOMCAT_PROG="${NAME}" # Define the tomcat username TOMCAT_USER="${TOMCAT_USER:-tomcat}" +# Define the tomcat group +TOMCAT_GROUP="${TOMCAT_GROUP:-`id -gn $TOMCAT_USER`}" + # Define the tomcat log file TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}" @@ -122,7 +125,7 @@ function makeHomeDir() { cp -pLR /usr/share/${NAME}/conf $CATALINA_HOME ln -fs /usr/share/java/tomcat ${CATALINA_HOME}/lib ln -fs /usr/share/tomcat/webapps ${CATALINA_HOME}/webapps - chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/${NAME} + install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -d -m 0770 /var/log/${NAME} fi } @@ -166,11 +169,13 @@ function start() { # fix permissions on the log and pid files touch $CATALINA_PID 2>&1 || RETVAL="4" if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID + install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -m 644 /dev/null "${CATALINA_PID}" fi [ "$RETVAL" -eq "0" ] && touch $TOMCAT_LOG 2>&1 || RETVAL="4" if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG + if [ ! -f "${TOMCAT_LOG}" ]; then + install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -m 644 /dev/null "${TOMCAT_LOG}" + fi fi if [ "$CATALINA_HOME" != "/usr/share/tomcat" -a "$RETVAL" -eq "0" ]; then # Create a tomcat directory if it doesn't exist diff --git a/tomcat.spec b/tomcat.spec index 2db8839..edbfc34 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -640,6 +640,7 @@ fi %changelog * Fri Sep 23 2016 Coty Sutherland 0:7.0.70-4 - Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header +- Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script * Wed Aug 17 2016 Coty Sutherland 0:7.0.70-3 - Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) From 53a0501e50cf5e9595f4d75198b78b914b800a30 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 23 Sep 2016 17:00:13 -0400 Subject: [PATCH 40/79] Updating changelog version --- tomcat.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomcat.spec b/tomcat.spec index edbfc34..7c4e1a4 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -638,7 +638,7 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Fri Sep 23 2016 Coty Sutherland 0:7.0.70-4 +* Fri Sep 23 2016 Coty Sutherland 0:7.0.72-1 - Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script From 99a815126836fa46e781a52cfa9427da74bd4dd6 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Sun, 25 Sep 2016 14:30:39 -0400 Subject: [PATCH 41/79] Resolves: rhbz#1379170 jsvc script is broken --- tomcat-7.0-jsvc.wrapper | 20 +++++++++++++------- tomcat.spec | 1 + 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/tomcat-7.0-jsvc.wrapper b/tomcat-7.0-jsvc.wrapper index 56fcc09..3bcff1e 100644 --- a/tomcat-7.0-jsvc.wrapper +++ b/tomcat-7.0-jsvc.wrapper @@ -8,13 +8,16 @@ else fi # Get the tomcat config (use this for environment specific settings) -#if [ -z "${TOMCAT_CFG}" ]; then -# TOMCAT_CFG="/etc/tomcat/tomcat.conf" -#fi +# if $TOMCAT_CFG wasn't already loaded +if [ -z "${TOMCAT_CFG_LOADED}" ]; then + if [ -z "${TOMCAT_CFG}" ]; then + TOMCAT_CFG="/etc/tomcat/tomcat.conf" + fi -#if [ -r "$TOMCAT_CFG" ]; then -# . $TOMCAT_CFG -#fi + if [ -r "$TOMCAT_CFG" ]; then + . $TOMCAT_CFG + fi +fi set_javacmd @@ -29,6 +32,9 @@ CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)" # if jsvc installed and USE_JSVC=true # then use jsvc instead of calling java directly if [ -x /usr/bin/jsvc ]; then + # Command to use for version so it doesn't use jsvc + VER_JAVACMD=$JAVACMD + JAVACMD="/usr/bin/jsvc -nodetach -user ${TOMCAT_USER} -outfile ${CATALINA_BASE}/logs/catalina.out -errfile ${CATALINA_BASE}/logs/catalina.out" if [ "$1" = "stop" ]; then JAVACMD="${JAVACMD} -stop" @@ -75,7 +81,7 @@ elif [ "$1" = "stop" ]; then org.apache.catalina.startup.Bootstrap stop \ >> ${CATALINA_BASE}/logs/catalina.out 2>&1 elif [ "$1" = "version" ]; then - ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \ + ${VER_JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \ org.apache.catalina.util.ServerInfo else echo "Usage: $0 {start|start-security|stop|version}" diff --git a/tomcat.spec b/tomcat.spec index 7c4e1a4..40b31f7 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -641,6 +641,7 @@ fi * Fri Sep 23 2016 Coty Sutherland 0:7.0.72-1 - Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script +- Resolves: rhbz#1379170 jsvc script is broken * Wed Aug 17 2016 Coty Sutherland 0:7.0.70-3 - Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) From 449935b9adece9693ac1d38c40da5c9243a0e363 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 30 Nov 2016 09:52:02 -0500 Subject: [PATCH 42/79] Resolves: rhbz#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws --- sources | 2 +- tomcat.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 7e4e264..c9d3615 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e176d014e49685e2642f7abd8eb7b53b apache-tomcat-7.0.72-src.tar.gz +c8391fe6504d2104835a2f7f883858ad apache-tomcat-7.0.73-src.tar.gz diff --git a/tomcat.spec b/tomcat.spec index 40b31f7..2fd5e9f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 72 +%global micro_version 73 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -638,6 +638,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue Nov 29 2016 Coty Sutherland - 0:7.0.73-1 +- Update to 7.0.73 +- Resolves: rhbz#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws + * Fri Sep 23 2016 Coty Sutherland 0:7.0.72-1 - Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header - Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script From e7435cfab30bb7c9b4371b6f4f9994559890c976 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 16 Feb 2017 16:07:32 -0500 Subject: [PATCH 43/79] Update to 7.0.75 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index c9d3615..2316b87 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c8391fe6504d2104835a2f7f883858ad apache-tomcat-7.0.73-src.tar.gz +SHA512 (apache-tomcat-7.0.75-src.tar.gz) = 2b7a0fc64ca58849713435993768b1f77666ad23f22cfb6091503bc1393f2c4fd3a61dac518efe4ccb22738d82fa81b1a1597ba148f4f829a0c642d131270117 diff --git a/tomcat.spec b/tomcat.spec index 2fd5e9f..fc39d65 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 73 +%global micro_version 75 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -638,6 +638,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Feb 16 2017 Coty Sutherland - 0:7.0.75-1 +- Update to 7.0.75 + * Tue Nov 29 2016 Coty Sutherland - 0:7.0.73-1 - Update to 7.0.73 - Resolves: rhbz#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws From e84a075a5a9b11c46ceb349a1c890ffe5306987f Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 17 Feb 2017 14:23:24 -0500 Subject: [PATCH 44/79] Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation --- tomcat.spec | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index fc39d65..79cb8fb 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -538,28 +538,31 @@ fi %attr(0755,root,root) %{_sbindir}/%{name} %attr(0755,root,root) %{_initrddir}/%{name} %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} -%config(noreplace) %{_sysconfdir}/sysconfig/%{name} +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name} %attr(0755,root,tomcat) %dir %{basedir} %attr(0755,root,tomcat) %dir %{confdir} + %defattr(0664,tomcat,root,0770) %attr(0770,tomcat,root) %dir %{logdir} + %defattr(0664,root,tomcat,0770) %attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out %attr(0644,tomcat,tomcat) %verify(not size md5 mtime) %{_localstatedir}/run/%{name}.pid %attr(0770,root,tomcat) %dir %{cachedir} %attr(0770,root,tomcat) %dir %{tempdir} %attr(0770,root,tomcat) %dir %{workdir} -%defattr(0664,root,tomcat,0775) + +%defattr(0644,root,tomcat,0775) %attr(0775,root,tomcat) %dir %{appdir} %attr(0775,root,tomcat) %dir %{confdir}/Catalina %attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/%{name}.conf -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.policy -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.properties -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/context.xml -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/server.xml -%attr(0660,tomcat,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml -%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/web.xml +%config(noreplace) %{confdir}/%{name}.conf +%config(noreplace) %{confdir}/*.policy +%config(noreplace) %{confdir}/*.properties +%config(noreplace) %{confdir}/context.xml +%config(noreplace) %{confdir}/server.xml +%attr(0640,root,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml +%config(noreplace) %{confdir}/web.xml %dir %{homedir} %{_prefix}/lib/tmpfiles.d/%{name}.conf %{bindir}/bootstrap.jar @@ -640,6 +643,7 @@ fi %changelog * Thu Feb 16 2017 Coty Sutherland - 0:7.0.75-1 - Update to 7.0.75 +- Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation * Tue Nov 29 2016 Coty Sutherland - 0:7.0.73-1 - Update to 7.0.73 From 7ea089f878290247ba685f93fa871b336d6b4989 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 17 Feb 2017 15:14:12 -0500 Subject: [PATCH 45/79] Resolves: rhbz#1372789 init script status command gives incorrect result --- tomcat-7.0.init | 4 ++-- tomcat.spec | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index f3a4f2b..026adb9 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -294,7 +294,7 @@ case "$1" in RETVAL="1" fi else - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "${NAME}[ $]")" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "catalina\.base=${CATALINA_BASE}[ $]")" if [ -z "$pid" ]; then # status ${NAME} # RETVAL="$?" @@ -306,7 +306,7 @@ case "$1" in fi fi if [ -f /var/lock/subsys/${NAME} ]; then - pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "${NAME}[ $]")" + pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "catalina\.base=${CATALINA_BASE}[ $]")" # The lockfile exists but the process is not running if [ -z "$pid" ]; then log_failure_msg "${NAME} lockfile exists but process is not running" diff --git a/tomcat.spec b/tomcat.spec index 79cb8fb..dfce3e4 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -644,6 +644,7 @@ fi * Thu Feb 16 2017 Coty Sutherland - 0:7.0.75-1 - Update to 7.0.75 - Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation +- Resolves: rhbz#1372789 init script status command gives incorrect result * Tue Nov 29 2016 Coty Sutherland - 0:7.0.73-1 - Update to 7.0.73 From bfc4824563781849d56892323b4e87faa277c853 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 31 Mar 2017 09:24:17 -0400 Subject: [PATCH 46/79] Update to 7.0.76 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 2316b87..8597b5a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.75-src.tar.gz) = 2b7a0fc64ca58849713435993768b1f77666ad23f22cfb6091503bc1393f2c4fd3a61dac518efe4ccb22738d82fa81b1a1597ba148f4f829a0c642d131270117 +SHA512 (apache-tomcat-7.0.76-src.tar.gz) = 5f469723fbbf77bb1cb7d3939cd8ab47e200bba4fcc0d6cb53ea8d1447ca126987f870b063b22f9bffa083601f0e3ac69fb2c32be723d8c7055a6acb93a749e1 diff --git a/tomcat.spec b/tomcat.spec index dfce3e4..4f2f60e 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 75 +%global micro_version 76 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Mar 31 2017 Coty Sutherland - 0:7.0.76-1 +- Update to 7.0.76 + * Thu Feb 16 2017 Coty Sutherland - 0:7.0.75-1 - Update to 7.0.75 - Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation From cd0ac4a1ff4e73d808443d132192582437e82efd Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 11 Apr 2017 09:06:43 -0400 Subject: [PATCH 47/79] Update to 7.0.77 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 8597b5a..9e8669d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.76-src.tar.gz) = 5f469723fbbf77bb1cb7d3939cd8ab47e200bba4fcc0d6cb53ea8d1447ca126987f870b063b22f9bffa083601f0e3ac69fb2c32be723d8c7055a6acb93a749e1 +SHA512 (apache-tomcat-7.0.77-src.tar.gz) = 19507de7f499df7269d8f819c30dc8194528555e9d6d430dad4b7ff3dc0c5c865d432eaef75bb2c157170cc5ebf76da5884296bf4e089c118448088a46f5e428 diff --git a/tomcat.spec b/tomcat.spec index 4f2f60e..1ff4208 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 76 +%global micro_version 77 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue Apr 11 2017 Coty Sutherland - 0:7.0.77-1 +- Update to 7.0.77 + * Fri Mar 31 2017 Coty Sutherland - 0:7.0.76-1 - Update to 7.0.76 From 0e797f55f0bc5b8d2f359281f4b649089f5407d2 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 9 Jun 2017 15:33:46 -0400 Subject: [PATCH 48/79] Resolves: rhbz#1459161 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism --- sources | 2 +- tomcat.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 9e8669d..ed7e98f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.77-src.tar.gz) = 19507de7f499df7269d8f819c30dc8194528555e9d6d430dad4b7ff3dc0c5c865d432eaef75bb2c157170cc5ebf76da5884296bf4e089c118448088a46f5e428 +8232183c0484f7ab5a3aab5a734e0642 apache-tomcat-7.0.78-src.tar.gz diff --git a/tomcat.spec b/tomcat.spec index 1ff4208..5fc85dc 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 77 +%global micro_version 78 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Jun 09 2017 Coty Sutherland - 0:7.0.78-1 +- Update to 7.0.78 +- Resolves: rhbz#1459161 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism + * Tue Apr 11 2017 Coty Sutherland - 0:7.0.77-1 - Update to 7.0.77 From db12ab1d5e89664078d6affb200f9b96f82f6636 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 9 Jun 2017 15:47:27 -0400 Subject: [PATCH 49/79] Updated sources with rhpkg instead of fedpkg accidentally. Fixing that --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index ed7e98f..9e8669d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -8232183c0484f7ab5a3aab5a734e0642 apache-tomcat-7.0.78-src.tar.gz +SHA512 (apache-tomcat-7.0.77-src.tar.gz) = 19507de7f499df7269d8f819c30dc8194528555e9d6d430dad4b7ff3dc0c5c865d432eaef75bb2c157170cc5ebf76da5884296bf4e089c118448088a46f5e428 From e12e1e78e78299071e5da5a38b23a7dc24c79fd7 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 9 Jun 2017 15:54:14 -0400 Subject: [PATCH 50/79] Updated wrong source tar...this time it's right for sure --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index 9e8669d..a825da8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.77-src.tar.gz) = 19507de7f499df7269d8f819c30dc8194528555e9d6d430dad4b7ff3dc0c5c865d432eaef75bb2c157170cc5ebf76da5884296bf4e089c118448088a46f5e428 +SHA512 (apache-tomcat-7.0.78-src.tar.gz) = d623f8d04c23bfeb38f20eeaa5051db9ec16a945a727810ef0e0aa4179140d6089e1d5974276df23ab5e21ba50739a969766663af25cd74436377e14cba291dc From 4b8fa750e763f7a42e7b58d9583a60a120baedd5 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 21 Aug 2017 10:26:03 -0400 Subject: [PATCH 51/79] Resolves: rhbz#1480621 CVE-2017-7674 tomcat: Cache Poisoning --- sources | 2 +- tomcat.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index a825da8..ceccb82 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.78-src.tar.gz) = d623f8d04c23bfeb38f20eeaa5051db9ec16a945a727810ef0e0aa4179140d6089e1d5974276df23ab5e21ba50739a969766663af25cd74436377e14cba291dc +bb0b227624b4d2134366ffe629e2fe2d apache-tomcat-7.0.81-src.tar.gz diff --git a/tomcat.spec b/tomcat.spec index 5fc85dc..ea2a819 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 78 +%global micro_version 81 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Mon Aug 21 2017 Coty Sutherland - 0:7.0.81-1 +- Update to 7.0.81 +- Resolves: rhbz#1480621 CVE-2017-7674 tomcat: Cache Poisoning + * Fri Jun 09 2017 Coty Sutherland - 0:7.0.78-1 - Update to 7.0.78 - Resolves: rhbz#1459161 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism From 49ac0f639ecd32b70ce879ac11aebf1eac1bdf8a Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Mon, 21 Aug 2017 10:32:14 -0400 Subject: [PATCH 52/79] Updating sources with fedpkg instead of rhpkg... --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index ceccb82..385fc09 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -bb0b227624b4d2134366ffe629e2fe2d apache-tomcat-7.0.81-src.tar.gz +SHA512 (apache-tomcat-7.0.81-src.tar.gz) = 25e237aa7189cf9a9617badf8936fd7ec64550bcac3bab2e2afe51d5e199eddfe17e0d6d27ac7ebf3543d1601467fcd8362ddf9a5b708c50b223d7c8d18bbb3b From 1e5a8963670d925c47c4ced9d2de22b595b3d3bb Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 4 Oct 2017 09:05:46 -0400 Subject: [PATCH 53/79] Update to 7.0.82 Resolves: rhbz#1497681 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615 --- sources | 2 +- tomcat.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 385fc09..c8ddf34 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.81-src.tar.gz) = 25e237aa7189cf9a9617badf8936fd7ec64550bcac3bab2e2afe51d5e199eddfe17e0d6d27ac7ebf3543d1601467fcd8362ddf9a5b708c50b223d7c8d18bbb3b +SHA512 (apache-tomcat-7.0.82-src.tar.gz) = fc92388d81316de0246df4074c417ffa341eab55308c0694e9ea71c5497c863b42019cd1f38628ff640114c501a06c4e9c428cb2b6f1bc1c16fb337a286718db diff --git a/tomcat.spec b/tomcat.spec index ea2a819..a3f3341 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 81 +%global micro_version 82 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Oct 04 2017 Coty Sutherland - 0:7.0.82-1 +- Update to 7.0.82 +- Resolves: rhbz#1497681 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615 + * Mon Aug 21 2017 Coty Sutherland - 0:7.0.81-1 - Update to 7.0.81 - Resolves: rhbz#1480621 CVE-2017-7674 tomcat: Cache Poisoning From ac5e3ee050898dd67e4325c6d60a47be962449fc Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 1 Feb 2018 08:56:29 -0500 Subject: [PATCH 54/79] Update to 7.0.84 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index c8ddf34..9759435 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.82-src.tar.gz) = fc92388d81316de0246df4074c417ffa341eab55308c0694e9ea71c5497c863b42019cd1f38628ff640114c501a06c4e9c428cb2b6f1bc1c16fb337a286718db +SHA512 (apache-tomcat-7.0.84-src.tar.gz) = ca6b3f17f56a0b1befafd2efbfa07cbe094fb4ab022a3b5d704d249e551b44c6ef0d9691bd1b7c48ccda957efb43045209d11ca1a4aa0a7875e516e3a233cd74 diff --git a/tomcat.spec b/tomcat.spec index a3f3341..6dd14dc 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 82 +%global micro_version 84 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -641,6 +641,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Feb 01 2018 Coty Sutherland - 0:7.0.84-1 +- Update to 7.0.84 + * Wed Oct 04 2017 Coty Sutherland - 0:7.0.82-1 - Update to 7.0.82 - Resolves: rhbz#1497681 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615 From 04ebf2cc896ced610294c86e174908f7a3258c40 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 1 Feb 2018 10:09:27 -0500 Subject: [PATCH 55/79] The tomcat-native binary is no longer copied to bin. See http://svn.apache.org/r1818186 for more details --- tomcat.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 6dd14dc..626cb2f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -277,8 +277,6 @@ export OPT_JAR_LIST="ant/ant-trax ant/ant-nodeps xalan-j2-serializer" output/build/lib/ecj.jar \ output/build/lib/jakarta-commons-dbcp.jar - # remove the cruft we created - %{__rm} output/build/bin/tomcat-native.tar.gz pushd output/dist/src/webapps/docs/appdev/sample/src %{__mkdir_p} ../web/WEB-INF/classes %{javac} -cp ../../../../../../../../output/build/lib/servlet-api.jar -d ../web/WEB-INF/classes mypackage/Hello.java From b2405bc450a79279c4239562ccf3e9530fde8fcd Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 1 Feb 2018 10:18:53 -0500 Subject: [PATCH 56/79] Update CompilerOptions patch to remove Java 1.9 version --- ... => tomcat-7.0.84-CompilerOptionsV89.patch | 56 +++++++++++-------- tomcat.spec | 2 +- 2 files changed, 33 insertions(+), 25 deletions(-) rename tomcat-7.0.70-CompilerOptionsV8.patch => tomcat-7.0.84-CompilerOptionsV89.patch (67%) diff --git a/tomcat-7.0.70-CompilerOptionsV8.patch b/tomcat-7.0.84-CompilerOptionsV89.patch similarity index 67% rename from tomcat-7.0.70-CompilerOptionsV8.patch rename to tomcat-7.0.84-CompilerOptionsV89.patch index 63c352f..aa379e0 100644 --- a/tomcat-7.0.70-CompilerOptionsV8.patch +++ b/tomcat-7.0.84-CompilerOptionsV89.patch @@ -1,14 +1,14 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java 2016-08-05 10:42:20.654618855 -0400 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2016-08-05 10:44:51.486599219 -0400 -@@ -67,7 +67,6 @@ - /** +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2018-02-01 10:13:12.975989687 -0500 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2018-02-01 10:15:47.913534769 -0500 +@@ -67,7 +67,6 @@ public class JDTCompiler extends org.apa + /** * Compile the servlet from .java file to .class file */ - @Override protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { -@@ -98,12 +97,10 @@ +@@ -98,12 +97,10 @@ public class JDTCompiler extends org.apa this.sourceFile = sourceFile; } @@ -16,28 +16,28 @@ public char[] getFileName() { return sourceFile.toCharArray(); } - + - @Override public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -145,7 +142,6 @@ +@@ -145,7 +142,6 @@ public class JDTCompiler extends org.apa return result; } - + - @Override public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -154,7 +150,6 @@ +@@ -154,7 +150,6 @@ public class JDTCompiler extends org.apa return className.toCharArray(); } - + - @Override public char[][] getPackageName() { - StringTokenizer izer = + StringTokenizer izer = new StringTokenizer(className, "."); -@@ -166,7 +161,6 @@ +@@ -166,7 +161,6 @@ public class JDTCompiler extends org.apa return result; } @@ -45,31 +45,31 @@ public boolean ignoreOptionalProblems() { return false; } -@@ -174,7 +168,6 @@ +@@ -174,7 +168,6 @@ public class JDTCompiler extends org.apa final INameEnvironment env = new INameEnvironment() { - @Override - public NameEnvironmentAnswer + public NameEnvironmentAnswer findType(char[][] compoundTypeName) { StringBuilder result = new StringBuilder(); -@@ -187,7 +180,6 @@ +@@ -187,7 +180,6 @@ public class JDTCompiler extends org.apa return findType(result.toString()); } - @Override - public NameEnvironmentAnswer - findType(char[] typeName, + public NameEnvironmentAnswer + findType(char[] typeName, char[][] packageName) { -@@ -269,7 +261,6 @@ +@@ -269,7 +261,6 @@ public class JDTCompiler extends org.apa } } - @Override - public boolean isPackage(char[][] parentPackageName, + public boolean isPackage(char[][] parentPackageName, char[] packageName) { StringBuilder result = new StringBuilder(); -@@ -291,7 +282,6 @@ +@@ -291,7 +282,6 @@ public class JDTCompiler extends org.apa return isPackage(result.toString()); } @@ -77,17 +77,20 @@ public void cleanup() { } -@@ -340,9 +330,6 @@ +@@ -340,12 +330,6 @@ public class JDTCompiler extends org.apa } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); - } else if(opt.equals("1.8")) { - settings.put(CompilerOptions.OPTION_Source, - CompilerOptions.VERSION_1_8); +- } else if(opt.equals("1.9")) { +- settings.put(CompilerOptions.OPTION_Source, +- "1.9"); // CompilerOptions.VERSION_1_9 } else { log.warn("Unknown source VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_Source, -@@ -384,11 +371,6 @@ +@@ -387,16 +371,6 @@ public class JDTCompiler extends org.apa CompilerOptions.VERSION_1_7); settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_1_7); @@ -96,12 +99,17 @@ - CompilerOptions.VERSION_1_8); - settings.put(CompilerOptions.OPTION_Compliance, - CompilerOptions.VERSION_1_8); +- } else if(opt.equals("1.9")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- "1.9"); // CompilerOptions.VERSION_1_9 +- settings.put(CompilerOptions.OPTION_Compliance, +- "1.9"); // CompilerOptions.VERSION_1_9 } else { log.warn("Unknown target VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -406,7 +388,6 @@ +@@ -414,7 +388,6 @@ public class JDTCompiler extends org.apa new DefaultProblemFactory(Locale.getDefault()); - + final ICompilerRequestor requestor = new ICompilerRequestor() { - @Override public void acceptResult(CompilationResult result) { diff --git a/tomcat.spec b/tomcat.spec index 626cb2f..8bb6cb3 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -81,7 +81,7 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 -Patch2: %{name}-7.0.70-CompilerOptionsV8.patch +Patch2: %{name}-7.0.84-CompilerOptionsV89.patch # Adding patch to remove unsupport ant tasks/attributes Patch3: %{name}-7.0.70-build.patch Patch4: %{name}-7.0-catalina-policy.patch From ddf0b328a15b6c552d14e847a322acc4b6df9f1f Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 16 Mar 2018 11:16:34 -0400 Subject: [PATCH 57/79] Update to 7.0.85 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 9759435..3c79e88 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.84-src.tar.gz) = ca6b3f17f56a0b1befafd2efbfa07cbe094fb4ab022a3b5d704d249e551b44c6ef0d9691bd1b7c48ccda957efb43045209d11ca1a4aa0a7875e516e3a233cd74 +SHA512 (apache-tomcat-7.0.85-src.tar.gz) = f95383b2c77670845cce577161ecf326c3e0f49d456792a53305640289d049b0de80f4b6901bcda52bc4967895f97772591eee525affee1a1d07aac2e60d2044 diff --git a/tomcat.spec b/tomcat.spec index 8bb6cb3..a72b66e 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 84 +%global micro_version 85 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -639,6 +639,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Fri Mar 16 2018 Coty Sutherland - 1:7.0.85-1 +- Update to 7.0.85 + * Thu Feb 01 2018 Coty Sutherland - 0:7.0.84-1 - Update to 7.0.84 From 4b33f22df61355594ad647f0478b0afbb7789d29 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Fri, 16 Mar 2018 11:27:13 -0400 Subject: [PATCH 58/79] Forgot to add changelog entires for the CVEs --- tomcat.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tomcat.spec b/tomcat.spec index a72b66e..c1bef53 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -641,6 +641,8 @@ fi %changelog * Fri Mar 16 2018 Coty Sutherland - 1:7.0.85-1 - Update to 7.0.85 +- Resolves: rhbz#1548291 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources +- Resolves: rhbz#1548283 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users * Thu Feb 01 2018 Coty Sutherland - 0:7.0.84-1 - Update to 7.0.84 From 6ddb487a2a85281e3c2ea486e6771feec6d1473c Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 1 May 2018 09:56:53 -0400 Subject: [PATCH 59/79] Update to 7.0.86 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 3c79e88..ec97d49 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.85-src.tar.gz) = f95383b2c77670845cce577161ecf326c3e0f49d456792a53305640289d049b0de80f4b6901bcda52bc4967895f97772591eee525affee1a1d07aac2e60d2044 +SHA512 (apache-tomcat-7.0.86-src.tar.gz) = 2029299879121267e38030e7ef38ec7b9e27f679d6437a218b72b7f94cf8352cc9f7762af1db06c119d1a9905f74a335041b884cdab101b0039025120e6f7b96 diff --git a/tomcat.spec b/tomcat.spec index c1bef53..48cf16d 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 85 +%global micro_version 86 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -639,6 +639,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue May 01 2018 Coty Sutherland - 1:7.0.86-1 +- Update to 7.0.86 + * Fri Mar 16 2018 Coty Sutherland - 1:7.0.85-1 - Update to 7.0.85 - Resolves: rhbz#1548291 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources From 715415eccc2b29ca47ac1c303b6d67a154ee58d0 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 31 Jul 2018 16:17:53 -0400 Subject: [PATCH 60/79] Update to 7.0.90 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index ec97d49..6a3c1ff 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.86-src.tar.gz) = 2029299879121267e38030e7ef38ec7b9e27f679d6437a218b72b7f94cf8352cc9f7762af1db06c119d1a9905f74a335041b884cdab101b0039025120e6f7b96 +SHA512 (apache-tomcat-7.0.90-src.tar.gz) = b32cb6902866ef72337c721d99d77f1a645311bb7694f51b82f7acec500c6197df15fb41be444fc6089652e8c825fb193f1a9de8c1b9b6fabd9d95f784565f6a diff --git a/tomcat.spec b/tomcat.spec index 48cf16d..4cfe1f0 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 86 +%global micro_version 90 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -639,6 +639,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue Jul 31 2018 Coty Sutherland - 1:7.0.90-1 +- Update to 7.0.90 + * Tue May 01 2018 Coty Sutherland - 1:7.0.86-1 - Update to 7.0.86 From 69c429d6280780296d4ec2c01146c2ec5d703ea1 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 31 Jul 2018 17:01:08 -0400 Subject: [PATCH 61/79] Related: Update to 7.0.90 Fix patch files so that they apply correctly --- ... tomcat-7.0.90-RemoveCompilerOptions.patch | 52 +++++++------------ ...0-build.patch => tomcat-7.0.90-build.patch | 46 ++++++++-------- tomcat.spec | 4 +- 3 files changed, 45 insertions(+), 57 deletions(-) rename tomcat-7.0.84-CompilerOptionsV89.patch => tomcat-7.0.90-RemoveCompilerOptions.patch (61%) rename tomcat-7.0.70-build.patch => tomcat-7.0.90-build.patch (74%) diff --git a/tomcat-7.0.84-CompilerOptionsV89.patch b/tomcat-7.0.90-RemoveCompilerOptions.patch similarity index 61% rename from tomcat-7.0.84-CompilerOptionsV89.patch rename to tomcat-7.0.90-RemoveCompilerOptions.patch index aa379e0..3de72aa 100644 --- a/tomcat-7.0.84-CompilerOptionsV89.patch +++ b/tomcat-7.0.90-RemoveCompilerOptions.patch @@ -1,6 +1,6 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2018-02-01 10:13:12.975989687 -0500 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2018-02-01 10:15:47.913534769 -0500 -@@ -67,7 +67,6 @@ public class JDTCompiler extends org.apa +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2018-07-02 13:12:33.000000000 -0400 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2018-07-31 16:48:35.420679218 -0400 +@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apa /** * Compile the servlet from .java file to .class file */ @@ -8,7 +8,7 @@ protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { -@@ -98,12 +97,10 @@ public class JDTCompiler extends org.apa +@@ -126,12 +125,10 @@ public class JDTCompiler extends org.apa this.sourceFile = sourceFile; } @@ -21,7 +21,7 @@ public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -145,7 +142,6 @@ public class JDTCompiler extends org.apa +@@ -173,7 +170,6 @@ public class JDTCompiler extends org.apa return result; } @@ -29,7 +29,7 @@ public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -154,7 +150,6 @@ public class JDTCompiler extends org.apa +@@ -182,7 +178,6 @@ public class JDTCompiler extends org.apa return className.toCharArray(); } @@ -37,7 +37,7 @@ public char[][] getPackageName() { StringTokenizer izer = new StringTokenizer(className, "."); -@@ -166,7 +161,6 @@ public class JDTCompiler extends org.apa +@@ -194,7 +189,6 @@ public class JDTCompiler extends org.apa return result; } @@ -45,7 +45,7 @@ public boolean ignoreOptionalProblems() { return false; } -@@ -174,7 +168,6 @@ public class JDTCompiler extends org.apa +@@ -202,7 +196,6 @@ public class JDTCompiler extends org.apa final INameEnvironment env = new INameEnvironment() { @@ -53,7 +53,7 @@ public NameEnvironmentAnswer findType(char[][] compoundTypeName) { StringBuilder result = new StringBuilder(); -@@ -187,7 +180,6 @@ public class JDTCompiler extends org.apa +@@ -215,7 +208,6 @@ public class JDTCompiler extends org.apa return findType(result.toString()); } @@ -61,7 +61,7 @@ public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) { -@@ -269,7 +261,6 @@ public class JDTCompiler extends org.apa +@@ -297,7 +289,6 @@ public class JDTCompiler extends org.apa } } @@ -69,7 +69,7 @@ public boolean isPackage(char[][] parentPackageName, char[] packageName) { StringBuilder result = new StringBuilder(); -@@ -291,7 +282,6 @@ public class JDTCompiler extends org.apa +@@ -319,7 +310,6 @@ public class JDTCompiler extends org.apa return isPackage(result.toString()); } @@ -77,37 +77,25 @@ public void cleanup() { } -@@ -340,12 +330,6 @@ public class JDTCompiler extends org.apa +@@ -368,17 +358,6 @@ public class JDTCompiler extends org.apa } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); - } else if(opt.equals("1.8")) { - settings.put(CompilerOptions.OPTION_Source, - CompilerOptions.VERSION_1_8); -- } else if(opt.equals("1.9")) { +- // Support old format that was used in EA implementation as well +- } else if(opt.equals("9") || opt.equals("1.9")) { - settings.put(CompilerOptions.OPTION_Source, -- "1.9"); // CompilerOptions.VERSION_1_9 +- JDT_JAVA_9_VERSION); +- } else if(opt.equals("10")) { +- // Constant not available in latest ECJ version that runs on +- // Java 7 +- settings.put(CompilerOptions.OPTION_Source, "10"); } else { log.warn("Unknown source VM " + opt + " ignored."); settings.put(CompilerOptions.OPTION_Source, -@@ -387,16 +371,6 @@ public class JDTCompiler extends org.apa - CompilerOptions.VERSION_1_7); - settings.put(CompilerOptions.OPTION_Compliance, - CompilerOptions.VERSION_1_7); -- } else if(opt.equals("1.8")) { -- settings.put(CompilerOptions.OPTION_TargetPlatform, -- CompilerOptions.VERSION_1_8); -- settings.put(CompilerOptions.OPTION_Compliance, -- CompilerOptions.VERSION_1_8); -- } else if(opt.equals("1.9")) { -- settings.put(CompilerOptions.OPTION_TargetPlatform, -- "1.9"); // CompilerOptions.VERSION_1_9 -- settings.put(CompilerOptions.OPTION_Compliance, -- "1.9"); // CompilerOptions.VERSION_1_9 - } else { - log.warn("Unknown target VM " + opt + " ignored."); - settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -414,7 +388,6 @@ public class JDTCompiler extends org.apa +@@ -452,7 +431,6 @@ public class JDTCompiler extends org.apa new DefaultProblemFactory(Locale.getDefault()); final ICompilerRequestor requestor = new ICompilerRequestor() { diff --git a/tomcat-7.0.70-build.patch b/tomcat-7.0.90-build.patch similarity index 74% rename from tomcat-7.0.70-build.patch rename to tomcat-7.0.90-build.patch index 6c8d8cc..63a974c 100644 --- a/tomcat-7.0.70-build.patch +++ b/tomcat-7.0.90-build.patch @@ -1,6 +1,6 @@ ---- build.xml.orig 2016-06-15 12:45:47.000000000 -0400 -+++ build.xml 2016-07-01 12:01:58.494022657 -0400 -@@ -213,7 +213,7 @@ +--- build.xml.orig 2018-07-31 16:53:30.644130082 -0400 ++++ build.xml 2018-07-31 16:56:12.472419607 -0400 +@@ -216,7 +216,7 @@ @@ -9,9 +9,9 @@ -@@ -1046,12 +1046,11 @@ +@@ -1056,12 +1056,11 @@ - + - - @@ -24,10 +24,10 @@ -@@ -1699,8 +1698,8 @@ - +@@ -1734,8 +1733,8 @@ + - + - + - + - + diff --git a/tomcat.spec b/tomcat.spec index 4cfe1f0..ed4f9ad 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -81,9 +81,9 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 -Patch2: %{name}-7.0.84-CompilerOptionsV89.patch +Patch2: %{name}-7.0.90-RemoveCompilerOptions.patch # Adding patch to remove unsupport ant tasks/attributes -Patch3: %{name}-7.0.70-build.patch +Patch3: %{name}-7.0.90-build.patch Patch4: %{name}-7.0-catalina-policy.patch BuildArch: noarch From 5d151717172d449a4bb1b29230ae9dc69c8f7d62 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 13 Dec 2018 11:45:59 -0500 Subject: [PATCH 62/79] Update to 7.0.92 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 6a3c1ff..bdb6545 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.90-src.tar.gz) = b32cb6902866ef72337c721d99d77f1a645311bb7694f51b82f7acec500c6197df15fb41be444fc6089652e8c825fb193f1a9de8c1b9b6fabd9d95f784565f6a +SHA512 (apache-tomcat-7.0.92-src.tar.gz) = 8cbcaf6d8dcda5ad8bd667582a39e91c1feaa4cc7216cafc23b9f5cf005cce9af24473c1c9d573f4da26c88ea68520a113dc0a7e2a50823f3ba3bb1510ec9e0a diff --git a/tomcat.spec b/tomcat.spec index ed4f9ad..2cf0c7a 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 90 +%global micro_version 92 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -639,6 +639,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Dec 13 2018 Coty Sutherland - 1:7.0.92-1 +- Update to 7.0.92 + * Tue Jul 31 2018 Coty Sutherland - 1:7.0.90-1 - Update to 7.0.90 From 05293ee2a3e5bbdf4a5b3de8df6dc2b42954b94b Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 13 Dec 2018 11:48:15 -0500 Subject: [PATCH 63/79] Add changelog entries for CVEs to update notes --- tomcat.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tomcat.spec b/tomcat.spec index 2cf0c7a..0d418cc 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -641,9 +641,13 @@ fi %changelog * Thu Dec 13 2018 Coty Sutherland - 1:7.0.92-1 - Update to 7.0.92 +- Resolves: rhbz#1636513 - CVE-2018-11784 tomcat: Open redirect in default servlet * Tue Jul 31 2018 Coty Sutherland - 1:7.0.90-1 - Update to 7.0.90 +- Resolves: rhbz#1607586 - CVE-2018-8034 tomcat: host name verification missing in WebSocket client +- Resolves: rhbz#1579612 - CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins +- Resolves: rhbz#1624929 - CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS * Tue May 01 2018 Coty Sutherland - 1:7.0.86-1 - Update to 7.0.86 From 86ec90907ed0a55d108adb98718e4a86b8553ad4 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 18 Jun 2019 10:12:41 -0400 Subject: [PATCH 64/79] Update to 7.0.94 Resolves: rhbz#1713280 - CVE-2019-0221 tomcat: XSS in SSI printenv --- .gitignore | 2 + sources | 2 +- tomcat-7.0.90-RemoveCompilerOptions.patch | 105 -------------- tomcat-7.0.94-RemoveCompilerOptions.patch | 162 ++++++++++++++++++++++ tomcat.spec | 8 +- 5 files changed, 171 insertions(+), 108 deletions(-) delete mode 100644 tomcat-7.0.90-RemoveCompilerOptions.patch create mode 100644 tomcat-7.0.94-RemoveCompilerOptions.patch diff --git a/.gitignore b/.gitignore index 27051a9..095e3b5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ apache-tomcat-*-src.tar.gz apache-tomcat-*-src +results_tomcat/ +tomcat*src.rpm diff --git a/sources b/sources index bdb6545..27faf09 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.92-src.tar.gz) = 8cbcaf6d8dcda5ad8bd667582a39e91c1feaa4cc7216cafc23b9f5cf005cce9af24473c1c9d573f4da26c88ea68520a113dc0a7e2a50823f3ba3bb1510ec9e0a +SHA512 (apache-tomcat-7.0.94-src.tar.gz) = 5e8d2fab7145af5677170299bec0ae5ea5fd20b7a539738678a420581f9b53a95a6fbb1caffb54c7222d97edfe8ff34ce6dbb7ba62adb1a61f2bfa6b15c43139 diff --git a/tomcat-7.0.90-RemoveCompilerOptions.patch b/tomcat-7.0.90-RemoveCompilerOptions.patch deleted file mode 100644 index 3de72aa..0000000 --- a/tomcat-7.0.90-RemoveCompilerOptions.patch +++ /dev/null @@ -1,105 +0,0 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2018-07-02 13:12:33.000000000 -0400 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2018-07-31 16:48:35.420679218 -0400 -@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apa - /** - * Compile the servlet from .java file to .class file - */ -- @Override - protected void generateClass(String[] smap) - throws FileNotFoundException, JasperException, Exception { - -@@ -126,12 +125,10 @@ public class JDTCompiler extends org.apa - this.sourceFile = sourceFile; - } - -- @Override - public char[] getFileName() { - return sourceFile.toCharArray(); - } - -- @Override - public char[] getContents() { - char[] result = null; - FileInputStream is = null; -@@ -173,7 +170,6 @@ public class JDTCompiler extends org.apa - return result; - } - -- @Override - public char[] getMainTypeName() { - int dot = className.lastIndexOf('.'); - if (dot > 0) { -@@ -182,7 +178,6 @@ public class JDTCompiler extends org.apa - return className.toCharArray(); - } - -- @Override - public char[][] getPackageName() { - StringTokenizer izer = - new StringTokenizer(className, "."); -@@ -194,7 +189,6 @@ public class JDTCompiler extends org.apa - return result; - } - -- @Override - public boolean ignoreOptionalProblems() { - return false; - } -@@ -202,7 +196,6 @@ public class JDTCompiler extends org.apa - - final INameEnvironment env = new INameEnvironment() { - -- @Override - public NameEnvironmentAnswer - findType(char[][] compoundTypeName) { - StringBuilder result = new StringBuilder(); -@@ -215,7 +208,6 @@ public class JDTCompiler extends org.apa - return findType(result.toString()); - } - -- @Override - public NameEnvironmentAnswer - findType(char[] typeName, - char[][] packageName) { -@@ -297,7 +289,6 @@ public class JDTCompiler extends org.apa - } - } - -- @Override - public boolean isPackage(char[][] parentPackageName, - char[] packageName) { - StringBuilder result = new StringBuilder(); -@@ -319,7 +310,6 @@ public class JDTCompiler extends org.apa - return isPackage(result.toString()); - } - -- @Override - public void cleanup() { - } - -@@ -368,17 +358,6 @@ public class JDTCompiler extends org.apa - } else if(opt.equals("1.7")) { - settings.put(CompilerOptions.OPTION_Source, - CompilerOptions.VERSION_1_7); -- } else if(opt.equals("1.8")) { -- settings.put(CompilerOptions.OPTION_Source, -- CompilerOptions.VERSION_1_8); -- // Support old format that was used in EA implementation as well -- } else if(opt.equals("9") || opt.equals("1.9")) { -- settings.put(CompilerOptions.OPTION_Source, -- JDT_JAVA_9_VERSION); -- } else if(opt.equals("10")) { -- // Constant not available in latest ECJ version that runs on -- // Java 7 -- settings.put(CompilerOptions.OPTION_Source, "10"); - } else { - log.warn("Unknown source VM " + opt + " ignored."); - settings.put(CompilerOptions.OPTION_Source, -@@ -452,7 +431,6 @@ public class JDTCompiler extends org.apa - new DefaultProblemFactory(Locale.getDefault()); - - final ICompilerRequestor requestor = new ICompilerRequestor() { -- @Override - public void acceptResult(CompilationResult result) { - try { - if (result.hasProblems()) { diff --git a/tomcat-7.0.94-RemoveCompilerOptions.patch b/tomcat-7.0.94-RemoveCompilerOptions.patch new file mode 100644 index 0000000..ea4d12f --- /dev/null +++ b/tomcat-7.0.94-RemoveCompilerOptions.patch @@ -0,0 +1,162 @@ +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2019-06-18 10:38:02.381894455 -0400 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2019-06-18 10:39:28.932684377 -0400 +@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apa + /** + * Compile the servlet from .java file to .class file + */ +- @Override + protected void generateClass(String[] smap) + throws FileNotFoundException, JasperException, Exception { + +@@ -126,12 +125,10 @@ public class JDTCompiler extends org.apa + this.sourceFile = sourceFile; + } + +- @Override + public char[] getFileName() { + return sourceFile.toCharArray(); + } + +- @Override + public char[] getContents() { + char[] result = null; + FileInputStream is = null; +@@ -173,7 +170,6 @@ public class JDTCompiler extends org.apa + return result; + } + +- @Override + public char[] getMainTypeName() { + int dot = className.lastIndexOf('.'); + if (dot > 0) { +@@ -182,7 +178,6 @@ public class JDTCompiler extends org.apa + return className.toCharArray(); + } + +- @Override + public char[][] getPackageName() { + StringTokenizer izer = + new StringTokenizer(className, "."); +@@ -194,7 +189,6 @@ public class JDTCompiler extends org.apa + return result; + } + +- @Override + public boolean ignoreOptionalProblems() { + return false; + } +@@ -202,7 +196,6 @@ public class JDTCompiler extends org.apa + + final INameEnvironment env = new INameEnvironment() { + +- @Override + public NameEnvironmentAnswer + findType(char[][] compoundTypeName) { + StringBuilder result = new StringBuilder(); +@@ -215,7 +208,6 @@ public class JDTCompiler extends org.apa + return findType(result.toString()); + } + +- @Override + public NameEnvironmentAnswer + findType(char[] typeName, + char[][] packageName) { +@@ -297,7 +289,6 @@ public class JDTCompiler extends org.apa + } + } + +- @Override + public boolean isPackage(char[][] parentPackageName, + char[] packageName) { + StringBuilder result = new StringBuilder(); +@@ -319,7 +310,6 @@ public class JDTCompiler extends org.apa + return isPackage(result.toString()); + } + +- @Override + public void cleanup() { + } + +@@ -368,33 +358,6 @@ public class JDTCompiler extends org.apa + } else if(opt.equals("1.7")) { + settings.put(CompilerOptions.OPTION_Source, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_Source, +- CompilerOptions.VERSION_1_8); +- // Support old format that was used in EA implementation as well +- } else if(opt.equals("9") || opt.equals("1.9")) { +- settings.put(CompilerOptions.OPTION_Source, +- JDT_JAVA_9_VERSION); +- } else if(opt.equals("10")) { +- // Constant not available in latest ECJ version that runs on +- // Java 6. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "10"); +- } else if(opt.equals("11")) { +- // Constant not available in latest ECJ version that runs on +- // Java 6. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "11"); +- } else if(opt.equals("12")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "12"); +- } else if(opt.equals("13")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "13"); + } else { + log.warn(Localizer.getMessage("jsp.warning.unknown.sourceVM", opt)); + settings.put(CompilerOptions.OPTION_Source, +@@ -436,40 +399,6 @@ public class JDTCompiler extends org.apa + CompilerOptions.VERSION_1_7); + settings.put(CompilerOptions.OPTION_Compliance, + CompilerOptions.VERSION_1_7); +- } else if(opt.equals("1.8")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- CompilerOptions.VERSION_1_8); +- settings.put(CompilerOptions.OPTION_Compliance, +- CompilerOptions.VERSION_1_8); +- } else if(opt.equals("9") || opt.equals("1.9")) { +- settings.put(CompilerOptions.OPTION_TargetPlatform, +- JDT_JAVA_9_VERSION); +- settings.put(CompilerOptions.OPTION_Compliance, +- JDT_JAVA_9_VERSION); +- } else if(opt.equals("10")) { +- // Constant not available in latest ECJ version that runs on +- // Java 6. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "10"); +- settings.put(CompilerOptions.OPTION_Compliance, "10"); +- } else if(opt.equals("11")) { +- // Constant not available in latest ECJ version that runs on +- // Java 6. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "11"); +- settings.put(CompilerOptions.OPTION_Compliance, "11"); +- } else if(opt.equals("12")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "12"); +- settings.put(CompilerOptions.OPTION_Compliance, "12"); +- } else if(opt.equals("13")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "13"); +- settings.put(CompilerOptions.OPTION_Compliance, "13"); + } else { + log.warn(Localizer.getMessage("jsp.warning.unknown.targetVM", opt)); + settings.put(CompilerOptions.OPTION_TargetPlatform, +@@ -487,7 +416,6 @@ public class JDTCompiler extends org.apa + new DefaultProblemFactory(Locale.getDefault()); + + final ICompilerRequestor requestor = new ICompilerRequestor() { +- @Override + public void acceptResult(CompilationResult result) { + try { + if (result.hasProblems()) { diff --git a/tomcat.spec b/tomcat.spec index 0d418cc..f961de0 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 92 +%global micro_version 94 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -81,7 +81,7 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 -Patch2: %{name}-7.0.90-RemoveCompilerOptions.patch +Patch2: %{name}-7.0.94-RemoveCompilerOptions.patch # Adding patch to remove unsupport ant tasks/attributes Patch3: %{name}-7.0.90-build.patch Patch4: %{name}-7.0-catalina-policy.patch @@ -639,6 +639,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Tue Jun 18 2019 Coty Sutherland - 1:7.0.94-1 +- Update to 7.0.94 +- Resolves: rhbz#1713280 - CVE-2019-0221 tomcat: XSS in SSI printenv + * Thu Dec 13 2018 Coty Sutherland - 1:7.0.92-1 - Update to 7.0.92 - Resolves: rhbz#1636513 - CVE-2018-11784 tomcat: Open redirect in default servlet From 3d2693a555b74ded874d851ccb44327d64c8b7b2 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Tue, 18 Jun 2019 15:26:48 -0400 Subject: [PATCH 65/79] Drop some outdated deps and use zip instead of zip -u --- tomcat.spec | 41 +++++++++-------------------------------- 1 file changed, 9 insertions(+), 32 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index f961de0..a70b170 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -95,10 +95,7 @@ BuildRequires: ant-nodeps BuildRequires: ant-trax BuildRequires: ecj BuildRequires: findutils -BuildRequires: jakarta-commons-collections BuildRequires: jakarta-commons-daemon -BuildRequires: jakarta-commons-dbcp -BuildRequires: jakarta-commons-pool BuildRequires: jakarta-taglibs-standard BuildRequires: java7-devel >= 1:1.7.0 BuildRequires: jpackage-utils >= 0:1.7.0 @@ -107,10 +104,6 @@ BuildRequires: log4j BuildRequires: wsdl4j Requires: jakarta-commons-daemon -Requires: jakarta-commons-logging -Requires: jakarta-commons-collections -Requires: jakarta-commons-dbcp -Requires: jakarta-commons-pool Requires: java >= 1:1.6.0 Requires: procps Requires: %{name}-lib = %{epoch}:%{version}-%{release} @@ -186,9 +179,6 @@ Requires: %{name}-jsp-%{jspspec}-api = %{epoch}:%{version}-%{release} Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release} Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release} Requires: ecj -Requires: jakarta-commons-collections -Requires: jakarta-commons-dbcp -Requires: jakarta-commons-pool Requires(preun): coreutils %description lib @@ -243,30 +233,21 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %build export OPT_JAR_LIST="ant/ant-trax ant/ant-nodeps xalan-j2-serializer" - # we don't care about the tarballs and we're going to replace - # tomcat-dbcp.jar with jakarta-commons-{collections,dbcp,pool}-tomcat5.jar - # so just create a dummy file for later removal touch HACK %{__mkdir_p} HACKDIR touch HACKDIR/build.xml # who needs a build.properties file anyway %{ant} -Dbase.path="." \ -Dbuild.compiler="modern" \ - -Dcommons-collections.jar="$(build-classpath jakarta-commons-collections)" \ -Dcommons-daemon.jar="$(build-classpath jakarta-commons-daemon)" \ -Dcommons-daemon.native.src.tgz="HACK" \ - -Djasper-jdt.jar="$(build-classpath ecj)" \ -Djdt.jar="$(build-classpath ecj)" \ - -Dtomcat-dbcp.jar="$(build-classpath jakarta-commons-dbcp)" \ -Dtomcat-native.tar.gz="HACK" \ -Dtomcat-native.home="." \ -Dcommons-daemon.native.win.mgr.exe="HACK" \ -Dnsis.exe="HACK" \ -Djaxrpc-lib.jar="HACK" \ -Dwsdl4j-lib.jar="$(build-classpath wsdl4j)" \ - -Dcommons-pool.home="HACKDIR" \ - -Dcommons-dbcp.home="HACKDIR" \ - -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ -Djava.7.home=%{java_home} \ @@ -274,8 +255,7 @@ export OPT_JAR_LIST="ant/ant-trax ant/ant-nodeps xalan-j2-serializer" # remove some jars that we'll replace with symlinks later %{__rm} output/build/bin/commons-daemon.jar \ - output/build/lib/ecj.jar \ - output/build/lib/jakarta-commons-dbcp.jar + output/build/lib/ecj.jar pushd output/dist/src/webapps/docs/appdev/sample/src %{__mkdir_p} ../web/WEB-INF/classes @@ -289,25 +269,25 @@ popd mkdir -p META-INF cp -p %{SOURCE8} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/servlet-api.jar META-INF/MANIFEST.MF +zip output/build/lib/servlet-api.jar META-INF/MANIFEST.MF cp -p %{SOURCE9} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/jsp-api.jar META-INF/MANIFEST.MF +zip output/build/lib/jsp-api.jar META-INF/MANIFEST.MF cp -p %{SOURCE11} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/el-api.jar META-INF/MANIFEST.MF +zip output/build/lib/el-api.jar META-INF/MANIFEST.MF cp -p %{SOURCE12} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/jasper-el.jar META-INF/MANIFEST.MF +zip output/build/lib/jasper-el.jar META-INF/MANIFEST.MF cp -p %{SOURCE13} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/jasper.jar META-INF/MANIFEST.MF +zip output/build/lib/jasper.jar META-INF/MANIFEST.MF cp -p %{SOURCE14} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF +zip output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF cp -p %{SOURCE15} META-INF/MANIFEST.MF touch META-INF/MANIFEST.MF -zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF +zip output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF %install # build initial path structure @@ -379,8 +359,7 @@ pushd ${RPM_BUILD_ROOT}%{_javadir} popd pushd output/build - %{_bindir}/build-jar-repository lib jakarta-commons-collections \ - jakarta-commons-dbcp jakarta-commons-pool ecj 2>&1 + %{_bindir}/build-jar-repository lib ecj 2>&1 # need to use -p here with b-j-r otherwise the examples webapp fails to # load with a java.io.IOException %{_bindir}/build-jar-repository -p webapps/examples/WEB-INF/lib \ @@ -392,8 +371,6 @@ pushd ${RPM_BUILD_ROOT}%{libdir} %{__ln_s} ../%{name}-jsp-%{jspspec}-api.jar . %{__ln_s} ../%{name}-servlet-%{servletspec}-api.jar . %{__ln_s} ../%{name}-el-%{elspec}-api.jar . - %{__ln_s} $(build-classpath jakarta-commons-collections) commons-collections.jar - %{__ln_s} $(build-classpath jakarta-commons-dbcp) commons-dbcp.jar %{__ln_s} $(build-classpath log4j) log4j.jar %{__ln_s} $(build-classpath ecj) jasper-jdt.jar From 5ac49193adab92efc08c3c94c3e6bd483ce7d0f1 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 26 Sep 2019 12:00:56 -0400 Subject: [PATCH 66/79] Resolves: rhbz#1466026 JVM options are duplicated after service restart --- tomcat-7.0.init | 8 +++++++- tomcat.spec | 5 ++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/tomcat-7.0.init b/tomcat-7.0.init index 026adb9..dd737e8 100644 --- a/tomcat-7.0.init +++ b/tomcat-7.0.init @@ -75,6 +75,9 @@ TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}" # Define the tomcat pid file CATALINA_PID="${CATALINA_PID:-/var/run/${NAME}.pid}" +# Variable to keep parseOptions status +OPTIONS_PARSED="0" + RETVAL="0" # Look for open ports, as the function name might imply @@ -142,7 +145,10 @@ function parseOptions() { /etc/sysconfig/${NAME} )" fi - TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}" + if [ "$OPTIONS_PARSED" -eq 0 ]; then + TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}" + OPTIONS_PARSED=1 + fi } # See how we were called. diff --git a/tomcat.spec b/tomcat.spec index a70b170..3ee9115 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -616,6 +616,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Sep 26 2019 Coty Sutherland - 1:7.0.94-2 +- Resolves: rhbz#1466026 JVM options are duplicated after service restart + * Tue Jun 18 2019 Coty Sutherland - 1:7.0.94-1 - Update to 7.0.94 - Resolves: rhbz#1713280 - CVE-2019-0221 tomcat: XSS in SSI printenv From 90835a7334092280ad68f90a357f19bf8203973f Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 26 Sep 2019 12:35:29 -0400 Subject: [PATCH 67/79] Update to 7.0.96 --- sources | 2 +- tomcat.spec | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/sources b/sources index 27faf09..81fb7f5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.94-src.tar.gz) = 5e8d2fab7145af5677170299bec0ae5ea5fd20b7a539738678a420581f9b53a95a6fbb1caffb54c7222d97edfe8ff34ce6dbb7ba62adb1a61f2bfa6b15c43139 +SHA512 (apache-tomcat-7.0.96-src.tar.gz) = 5797e66fb9ce558340e08d3a4ccd372d912707aabd6177318781925dd35055902a0ecc3e50e677d76b0feea547cc8fc038bb83ae5de65d28680cb4c9582f60c0 diff --git a/tomcat.spec b/tomcat.spec index 3ee9115..92bdbd8 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 94 +%global micro_version 96 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -616,7 +616,8 @@ fi %{_sbindir}/%{name}-jsvc %changelog -* Thu Sep 26 2019 Coty Sutherland - 1:7.0.94-2 +* Thu Sep 26 2019 Coty Sutherland - 1:7.0.96-1 +- Update to 7.0.96 - Resolves: rhbz#1466026 JVM options are duplicated after service restart * Tue Jun 18 2019 Coty Sutherland - 1:7.0.94-1 From b3f5333fe2e47a65906b8a9dee1631a324337cc5 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 6 Feb 2020 13:15:28 -0500 Subject: [PATCH 68/79] Update to 7.0.99 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 81fb7f5..62331da 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.96-src.tar.gz) = 5797e66fb9ce558340e08d3a4ccd372d912707aabd6177318781925dd35055902a0ecc3e50e677d76b0feea547cc8fc038bb83ae5de65d28680cb4c9582f60c0 +SHA512 (apache-tomcat-7.0.99-src.tar.gz) = 3148879d4a893167b9e60fd1ee6972fc9be8a5be97016ad1d86117c0cb681ac40702680bd21562a284f78aac327f0388e99af458cf1868a3b0ad5e31899b23c0 diff --git a/tomcat.spec b/tomcat.spec index 92bdbd8..1deb89b 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 96 +%global micro_version 99 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -616,6 +616,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Feb 06 2020 Coty Sutherland - 1:7.0.99-1 +- Update to 7.0.99 + * Thu Sep 26 2019 Coty Sutherland - 1:7.0.96-1 - Update to 7.0.96 - Resolves: rhbz#1466026 JVM options are duplicated after service restart From 53af7d2339c9ccbc2420512a178d9ca527d9b1a8 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 6 Feb 2020 14:38:45 -0500 Subject: [PATCH 69/79] Remove SAAJ API addition (not necessary) and javac release attributes (not yet supported) --- ...0-build.patch => tomcat-7.0.99-build.patch | 77 ++++++++++++++++--- tomcat.spec | 2 +- 2 files changed, 68 insertions(+), 11 deletions(-) rename tomcat-7.0.90-build.patch => tomcat-7.0.99-build.patch (53%) diff --git a/tomcat-7.0.90-build.patch b/tomcat-7.0.99-build.patch similarity index 53% rename from tomcat-7.0.90-build.patch rename to tomcat-7.0.99-build.patch index 63a974c..80d2358 100644 --- a/tomcat-7.0.90-build.patch +++ b/tomcat-7.0.99-build.patch @@ -1,6 +1,14 @@ ---- build.xml.orig 2018-07-31 16:53:30.644130082 -0400 -+++ build.xml 2018-07-31 16:56:12.472419607 -0400 -@@ -216,7 +216,7 @@ +--- build.xml.orig 2019-12-11 08:21:52.000000000 -0500 ++++ build.xml 2020-02-06 14:32:03.578329367 -0500 +@@ -222,7 +222,6 @@ + + + +- + + + +@@ -244,7 +243,7 @@ @@ -9,9 +17,17 @@ -@@ -1056,12 +1056,11 @@ +@@ -636,7 +635,6 @@ + deprecation="${compile.deprecation}" + source="${compile.source}" + target="${compile.target}" +- release="${compile.release}" + encoding="ISO-8859-1" + includeAntRuntime="true" > + +@@ -1141,12 +1139,11 @@ - + - - @@ -24,7 +40,31 @@ -@@ -1734,8 +1733,8 @@ +@@ -1177,7 +1174,6 @@ + debug="${compile.debug}" deprecation="${compile.deprecation}" + source="${compile.source}" + target="${compile.target}" +- release="${compile.release}" + classpath="${tomcat.classes}" + encoding="ISO-8859-1" + includeantruntime="false"> +@@ -1189,7 +1185,6 @@ + debug="${compile.debug}" deprecation="${compile.deprecation}" + source="${compile.source}" + target="${compile.target}" +- release="${compile.release}" + classpath="${tomcat.classes}" + encoding="ISO-8859-1" + includeantruntime="false"> +@@ -1416,7 +1411,6 @@ + deprecation="${compile.deprecation}" + source="${compile.source}" + target="${compile.target}" +- release="${compile.release}" + encoding="ISO-8859-1" + includeantruntime="true"> + +@@ -1859,8 +1853,8 @@ @@ -35,7 +75,24 @@ -@@ -2976,7 +2975,7 @@ Apache Tomcat ${version} native binaries +@@ -2912,16 +2906,6 @@ skip.installer property in build.propert + + + +- +- +- +- +- +- +- +- +- +- + + + @@ -44,7 +101,7 @@ @@ -53,7 +110,7 @@ @@ -62,7 +119,7 @@ diff --git a/tomcat.spec b/tomcat.spec index 1deb89b..041f4b1 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -83,7 +83,7 @@ Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.pat # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 Patch2: %{name}-7.0.94-RemoveCompilerOptions.patch # Adding patch to remove unsupport ant tasks/attributes -Patch3: %{name}-7.0.90-build.patch +Patch3: %{name}-7.0.99-build.patch Patch4: %{name}-7.0-catalina-policy.patch BuildArch: noarch From bee90cc4459bf5ad2f7d1f71b4845320454a9153 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 5 Mar 2020 15:07:47 -0500 Subject: [PATCH 70/79] Update to 7.0.100 Resolves: rhbz#1806805 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability --- sources | 2 +- tomcat.spec | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 62331da..abfb952 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.99-src.tar.gz) = 3148879d4a893167b9e60fd1ee6972fc9be8a5be97016ad1d86117c0cb681ac40702680bd21562a284f78aac327f0388e99af458cf1868a3b0ad5e31899b23c0 +SHA512 (apache-tomcat-7.0.100-src.tar.gz) = 53ef64c64263d0f25d72ed179bd7b7beed3f73cd63010988ba740ff7328b00a5ec09fe1d4575188ecacf258c891e022a0f1ae07d2957d9830a56881170bb1a57 diff --git a/tomcat.spec b/tomcat.spec index 041f4b1..8cde319 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 99 +%global micro_version 100 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -616,6 +616,10 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Mar 05 2020 Coty Sutherland - 1:7.0.100-1 +- Update to 7.0.100 +- Resolves: rhbz#1806805 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability + * Thu Feb 06 2020 Coty Sutherland - 1:7.0.99-1 - Update to 7.0.99 From 4f8faf67f26c91c13cacc9dd7c70a2d5b3458182 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Thu, 12 Mar 2020 14:29:24 -0400 Subject: [PATCH 71/79] Related: rhbz#1806398 Undo changes in defaults for AJP connector (CVE-2020-1938) to prevent breakage, please update your configuration --- change-defaults-for-CVE-2020-1938.patch | 223 ++++++++++++++++++++++++ tomcat.spec | 7 +- 2 files changed, 229 insertions(+), 1 deletion(-) create mode 100644 change-defaults-for-CVE-2020-1938.patch diff --git a/change-defaults-for-CVE-2020-1938.patch b/change-defaults-for-CVE-2020-1938.patch new file mode 100644 index 0000000..cb7cedd --- /dev/null +++ b/change-defaults-for-CVE-2020-1938.patch @@ -0,0 +1,223 @@ +diff -up ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java +--- ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig 2020-03-12 14:21:39.270821184 -0400 ++++ ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2020-03-12 14:22:17.771716954 -0400 +@@ -134,7 +134,7 @@ public abstract class AbstractAjpProtoco + } + + +- private boolean secretRequired = true; ++ private boolean secretRequired = false; + public void setSecretRequired(boolean secretRequired) { + this.secretRequired = secretRequired; + } +diff -up ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig ./java/org/apache/coyote/ajp/AjpAprProtocol.java +--- ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig 2020-03-12 14:18:38.918311184 -0400 ++++ ./java/org/apache/coyote/ajp/AjpAprProtocol.java 2020-03-12 14:18:51.031278148 -0400 +@@ -20,7 +20,6 @@ import org.apache.coyote.AbstractProtoco + import org.apache.coyote.Processor; + import org.apache.juli.logging.Log; + import org.apache.juli.logging.LogFactory; +-import org.apache.tomcat.util.compat.JreCompat; + import org.apache.tomcat.util.net.AbstractEndpoint; + import org.apache.tomcat.util.net.AprEndpoint; + import org.apache.tomcat.util.net.AprEndpoint.Handler; +@@ -62,7 +61,6 @@ public class AjpAprProtocol extends Abst + + public AjpAprProtocol() { + endpoint = new AprEndpoint(); +- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress()); + cHandler = new AjpConnectionHandler(this); + ((AprEndpoint) endpoint).setHandler(cHandler); + setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); +diff -up ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig ./java/org/apache/coyote/ajp/AjpNioProtocol.java +--- ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig 2020-03-12 14:18:58.405258036 -0400 ++++ ./java/org/apache/coyote/ajp/AjpNioProtocol.java 2020-03-12 14:19:02.577246659 -0400 +@@ -23,7 +23,6 @@ import org.apache.coyote.AbstractProtoco + import org.apache.coyote.Processor; + import org.apache.juli.logging.Log; + import org.apache.juli.logging.LogFactory; +-import org.apache.tomcat.util.compat.JreCompat; + import org.apache.tomcat.util.net.AbstractEndpoint; + import org.apache.tomcat.util.net.NioChannel; + import org.apache.tomcat.util.net.NioEndpoint; +@@ -57,7 +56,6 @@ public class AjpNioProtocol extends Abst + + public AjpNioProtocol() { + endpoint = new NioEndpoint(); +- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress()); + cHandler = new AjpConnectionHandler(this); + ((NioEndpoint) endpoint).setHandler(cHandler); + setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); +diff -up ./java/org/apache/coyote/ajp/AjpProtocol.java.orig ./java/org/apache/coyote/ajp/AjpProtocol.java +--- ./java/org/apache/coyote/ajp/AjpProtocol.java.orig 2020-03-12 14:19:11.121223357 -0400 ++++ ./java/org/apache/coyote/ajp/AjpProtocol.java 2020-03-12 14:19:16.402208954 -0400 +@@ -22,7 +22,6 @@ import org.apache.coyote.AbstractProtoco + import org.apache.coyote.Processor; + import org.apache.juli.logging.Log; + import org.apache.juli.logging.LogFactory; +-import org.apache.tomcat.util.compat.JreCompat; + import org.apache.tomcat.util.net.AbstractEndpoint; + import org.apache.tomcat.util.net.JIoEndpoint; + import org.apache.tomcat.util.net.JIoEndpoint.Handler; +@@ -58,7 +57,6 @@ public class AjpProtocol extends Abstrac + + public AjpProtocol() { + endpoint = new JIoEndpoint(); +- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress()); + cHandler = new AjpConnectionHandler(this); + ((JIoEndpoint) endpoint).setHandler(cHandler); + setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); +diff -up ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig ./java/org/apache/tomcat/util/compat/Jre7Compat.java +--- ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig 2020-03-12 14:19:23.641189211 -0400 ++++ ./java/org/apache/tomcat/util/compat/Jre7Compat.java 2020-03-12 14:19:52.162111426 -0400 +@@ -20,7 +20,6 @@ import java.io.OutputStream; + import java.lang.reflect.Constructor; + import java.lang.reflect.InvocationTargetException; + import java.lang.reflect.Method; +-import java.net.InetAddress; + import java.sql.CallableStatement; + import java.sql.Connection; + import java.sql.DatabaseMetaData; +@@ -57,7 +56,6 @@ class Jre7Compat extends JreCompat { + private static final Method resultSetGetObjectName; + private static final Method statementCloseOnCompletion; + private static final Method statementIsCloseOnCompletion; +- private static final Method getLoopbackAddress; + + static { + Method m1 = null; +@@ -74,7 +72,6 @@ class Jre7Compat extends JreCompat { + Method m12 = null; + Method m13 = null; + Method m14 = null; +- Method m15 = null; + Constructor c = null; + try { + // Order is important for the error handling below. +@@ -94,7 +91,6 @@ class Jre7Compat extends JreCompat { + m12 = ResultSet.class.getMethod("getObject", String.class, Class.class); + m13 = Statement.class.getMethod("closeOnCompletion"); + m14 = Statement.class.getMethod("isCloseOnCompletion"); +- m15 = InetAddress.class.getMethod("getLoopbackAddress"); + } catch (SecurityException e) { + // Should never happen + log.error(sm.getString("jre7Compat.unexpected"), e); +@@ -122,7 +118,6 @@ class Jre7Compat extends JreCompat { + resultSetGetObjectName = m12; + statementCloseOnCompletion = m13; + statementIsCloseOnCompletion = m14; +- getLoopbackAddress = m15; + } + + +@@ -357,20 +352,6 @@ class Jre7Compat extends JreCompat { + } + } + +- +- @Override +- public InetAddress getLoopbackAddress() { +- try { +- return (InetAddress) getLoopbackAddress.invoke(null); +- } catch (IllegalArgumentException e) { +- throw new UnsupportedOperationException(e); +- } catch (IllegalAccessException e) { +- throw new UnsupportedOperationException(e); +- } catch (InvocationTargetException e) { +- throw new UnsupportedOperationException(e); +- } +- } +- + + // Java 9 methods + +diff -up ./java/org/apache/tomcat/util/compat/JreCompat.java.orig ./java/org/apache/tomcat/util/compat/JreCompat.java +--- ./java/org/apache/tomcat/util/compat/JreCompat.java.orig 2020-03-12 14:20:03.476080570 -0400 ++++ ./java/org/apache/tomcat/util/compat/JreCompat.java 2020-03-12 14:20:23.158027178 -0400 +@@ -21,10 +21,8 @@ import java.io.IOException; + import java.io.OutputStream; + import java.lang.reflect.AccessibleObject; + import java.lang.reflect.Method; +-import java.net.InetAddress; + import java.net.URL; + import java.net.URLConnection; +-import java.net.UnknownHostException; + import java.sql.CallableStatement; + import java.sql.Connection; + import java.sql.DatabaseMetaData; +@@ -234,32 +232,6 @@ public class JreCompat { + } + + +- public InetAddress getLoopbackAddress() { +- // Javadoc for getByName() states that calling with null will return one +- // of the loopback addresses +- InetAddress result = null; +- try { +- result = InetAddress.getByName(null); +- } catch (UnknownHostException e) { +- // This would be unusual but ignore it in this case. +- } +- if (result == null) { +- // Fallback to default IPv4 loopback address. +- // Not perfect but good enough and if the address is not valid the +- // bind will fail later with an appropriate error message +- try { +- result = InetAddress.getByName("127.0.0.1"); +- } catch (UnknownHostException e) { +- // Unreachable. +- // For text representations of IP addresses only the format is +- // checked. +- } +- } +- +- return result; +- } +- +- + // Java 6 implementation of Java 8 methods + + public static boolean isJre8Available() { +diff -up ./webapps/docs/changelog.xml.orig ./webapps/docs/changelog.xml +--- ./webapps/docs/changelog.xml.orig 2020-03-12 14:20:30.645006916 -0400 ++++ ./webapps/docs/changelog.xml 2020-03-12 14:23:07.339582809 -0400 +@@ -143,14 +143,10 @@ + Disable (comment out in server.xml) the AJP/1.3 connector by default. + (markt) + +- +- Change the default bind address for the AJP/1.3 connector to be the +- loopback address. (markt) +- + + Rename the requiredSecret attribute of the AJP/1.3 + Connector to secret and add a new attribute +- secretRequired that defaults to true. When ++ secretRequired that defaults to false. When + secretRequired is true the AJP/1.3 Connector + will not start unless the secret attribute is configured to + a non-null, non-zero length String. (markt) +diff -up ./webapps/docs/config/ajp.xml.orig ./webapps/docs/config/ajp.xml +--- ./webapps/docs/config/ajp.xml.orig 2020-03-12 14:20:50.750952504 -0400 ++++ ./webapps/docs/config/ajp.xml 2020-03-12 14:23:31.800516611 -0400 +@@ -306,7 +306,10 @@ + +

For servers with more than one IP address, this attribute + specifies which address will be used for listening on the specified +- port. By default, the loopback address will be used.

++ port. By default, this port will be used on all IP addresses ++ associated with the server. A value of 127.0.0.1 ++ indicates that the Connector will only listen on the loopback ++ interface.

+ + + +@@ -461,7 +464,7 @@ + +

If this attribute is true, the AJP Connector will only + start if the secret attribute is configured with a +- non-null, non-zero length value. The default value is true. ++ non-null, non-zero length value. The default value is false. +

+ + diff --git a/tomcat.spec b/tomcat.spec index 8cde319..3178fff 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -85,6 +85,7 @@ Patch2: %{name}-7.0.94-RemoveCompilerOptions.patch # Adding patch to remove unsupport ant tasks/attributes Patch3: %{name}-7.0.99-build.patch Patch4: %{name}-7.0-catalina-policy.patch +Patch5: change-defaults-for-CVE-2020-1938.patch BuildArch: noarch @@ -227,6 +228,7 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name " %patch2 -p0 %patch3 -p0 %patch4 -p0 +%patch5 -p0 %{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar %{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar @@ -616,6 +618,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Mar 12 2020 Coty Sutherland - 1:7.0.100-2 +- Related: rhbz#1806398 Undo changes in defaults for AJP connector (CVE-2020-1938) to prevent breakage, please update your configuration + * Thu Mar 05 2020 Coty Sutherland - 1:7.0.100-1 - Update to 7.0.100 - Resolves: rhbz#1806805 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability From 3ab821b1f1a843cd3dcaf15b8ae4b5fb52856807 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 22 Apr 2020 14:21:43 -0400 Subject: [PATCH 72/79] Update to 7.0.103 --- sources | 2 +- tomcat.spec | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/sources b/sources index abfb952..de4a5fc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.100-src.tar.gz) = 53ef64c64263d0f25d72ed179bd7b7beed3f73cd63010988ba740ff7328b00a5ec09fe1d4575188ecacf258c891e022a0f1ae07d2957d9830a56881170bb1a57 +SHA512 (apache-tomcat-7.0.103-src.tar.gz) = 812fce83c7242ebc16dc2365f0b363f1fb2691cd6a2f19f1209ea467557c42ee2d108c8bef89f23bb4a20c800d0ecdb4afc37567ef8079966b4eec0331a2ef9b diff --git a/tomcat.spec b/tomcat.spec index 3178fff..a5ec50c 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 100 +%global micro_version 103 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -53,7 +53,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -618,6 +618,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Apr 22 2020 Coty Sutherland - 1:7.0.103-1 +- Update to 7.0.103 + * Thu Mar 12 2020 Coty Sutherland - 1:7.0.100-2 - Related: rhbz#1806398 Undo changes in defaults for AJP connector (CVE-2020-1938) to prevent breakage, please update your configuration From 2f8bca3680e1d35e7425b7c76185cc9e31867c96 Mon Sep 17 00:00:00 2001 From: Coty Sutherland Date: Wed, 22 Apr 2020 15:46:02 -0400 Subject: [PATCH 73/79] Tweak the default changes for CVE-2020-1938 so the patch applies cleanly --- change-defaults-for-CVE-2020-1938.patch | 69 ++++++++++++------------- 1 file changed, 34 insertions(+), 35 deletions(-) diff --git a/change-defaults-for-CVE-2020-1938.patch b/change-defaults-for-CVE-2020-1938.patch index cb7cedd..3d40389 100644 --- a/change-defaults-for-CVE-2020-1938.patch +++ b/change-defaults-for-CVE-2020-1938.patch @@ -1,6 +1,6 @@ diff -up ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java ---- ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig 2020-03-12 14:21:39.270821184 -0400 -+++ ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2020-03-12 14:22:17.771716954 -0400 +--- ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400 ++++ ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2020-04-22 15:42:50.544106513 -0400 @@ -134,7 +134,7 @@ public abstract class AbstractAjpProtoco } @@ -11,8 +11,8 @@ diff -up ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig ./java/org/a this.secretRequired = secretRequired; } diff -up ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig ./java/org/apache/coyote/ajp/AjpAprProtocol.java ---- ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig 2020-03-12 14:18:38.918311184 -0400 -+++ ./java/org/apache/coyote/ajp/AjpAprProtocol.java 2020-03-12 14:18:51.031278148 -0400 +--- ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400 ++++ ./java/org/apache/coyote/ajp/AjpAprProtocol.java 2020-04-22 15:42:50.544106513 -0400 @@ -20,7 +20,6 @@ import org.apache.coyote.AbstractProtoco import org.apache.coyote.Processor; import org.apache.juli.logging.Log; @@ -30,8 +30,8 @@ diff -up ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig ./java/org/apache ((AprEndpoint) endpoint).setHandler(cHandler); setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); diff -up ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig ./java/org/apache/coyote/ajp/AjpNioProtocol.java ---- ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig 2020-03-12 14:18:58.405258036 -0400 -+++ ./java/org/apache/coyote/ajp/AjpNioProtocol.java 2020-03-12 14:19:02.577246659 -0400 +--- ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400 ++++ ./java/org/apache/coyote/ajp/AjpNioProtocol.java 2020-04-22 15:42:50.545106511 -0400 @@ -23,7 +23,6 @@ import org.apache.coyote.AbstractProtoco import org.apache.coyote.Processor; import org.apache.juli.logging.Log; @@ -49,8 +49,8 @@ diff -up ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig ./java/org/apache ((NioEndpoint) endpoint).setHandler(cHandler); setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); diff -up ./java/org/apache/coyote/ajp/AjpProtocol.java.orig ./java/org/apache/coyote/ajp/AjpProtocol.java ---- ./java/org/apache/coyote/ajp/AjpProtocol.java.orig 2020-03-12 14:19:11.121223357 -0400 -+++ ./java/org/apache/coyote/ajp/AjpProtocol.java 2020-03-12 14:19:16.402208954 -0400 +--- ./java/org/apache/coyote/ajp/AjpProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400 ++++ ./java/org/apache/coyote/ajp/AjpProtocol.java 2020-04-22 15:42:50.545106511 -0400 @@ -22,7 +22,6 @@ import org.apache.coyote.AbstractProtoco import org.apache.coyote.Processor; import org.apache.juli.logging.Log; @@ -68,8 +68,8 @@ diff -up ./java/org/apache/coyote/ajp/AjpProtocol.java.orig ./java/org/apache/co ((JIoEndpoint) endpoint).setHandler(cHandler); setSoLinger(Constants.DEFAULT_CONNECTION_LINGER); diff -up ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig ./java/org/apache/tomcat/util/compat/Jre7Compat.java ---- ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig 2020-03-12 14:19:23.641189211 -0400 -+++ ./java/org/apache/tomcat/util/compat/Jre7Compat.java 2020-03-12 14:19:52.162111426 -0400 +--- ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig 2020-03-16 04:41:15.000000000 -0400 ++++ ./java/org/apache/tomcat/util/compat/Jre7Compat.java 2020-04-22 15:42:50.546106509 -0400 @@ -20,7 +20,6 @@ import java.io.OutputStream; import java.lang.reflect.Constructor; import java.lang.reflect.InvocationTargetException; @@ -132,8 +132,8 @@ diff -up ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig ./java/org/ap // Java 9 methods diff -up ./java/org/apache/tomcat/util/compat/JreCompat.java.orig ./java/org/apache/tomcat/util/compat/JreCompat.java ---- ./java/org/apache/tomcat/util/compat/JreCompat.java.orig 2020-03-12 14:20:03.476080570 -0400 -+++ ./java/org/apache/tomcat/util/compat/JreCompat.java 2020-03-12 14:20:23.158027178 -0400 +--- ./java/org/apache/tomcat/util/compat/JreCompat.java.orig 2020-03-16 04:41:15.000000000 -0400 ++++ ./java/org/apache/tomcat/util/compat/JreCompat.java 2020-04-22 15:42:50.547106507 -0400 @@ -21,10 +21,8 @@ import java.io.IOException; import java.io.OutputStream; import java.lang.reflect.AccessibleObject; @@ -179,9 +179,9 @@ diff -up ./java/org/apache/tomcat/util/compat/JreCompat.java.orig ./java/org/apa public static boolean isJre8Available() { diff -up ./webapps/docs/changelog.xml.orig ./webapps/docs/changelog.xml ---- ./webapps/docs/changelog.xml.orig 2020-03-12 14:20:30.645006916 -0400 -+++ ./webapps/docs/changelog.xml 2020-03-12 14:23:07.339582809 -0400 -@@ -143,14 +143,10 @@ +--- ./webapps/docs/changelog.xml.orig 2020-03-16 04:41:18.000000000 -0400 ++++ ./webapps/docs/changelog.xml 2020-04-22 15:42:50.554106492 -0400 +@@ -260,14 +260,10 @@ Disable (comment out in server.xml) the AJP/1.3 connector by default. (markt) @@ -198,26 +198,25 @@ diff -up ./webapps/docs/changelog.xml.orig ./webapps/docs/changelog.xml will not start unless the secret attribute is configured to a non-null, non-zero length String. (markt) diff -up ./webapps/docs/config/ajp.xml.orig ./webapps/docs/config/ajp.xml ---- ./webapps/docs/config/ajp.xml.orig 2020-03-12 14:20:50.750952504 -0400 -+++ ./webapps/docs/config/ajp.xml 2020-03-12 14:23:31.800516611 -0400 -@@ -306,7 +306,10 @@ +--- ./webapps/docs/config/ajp.xml.orig 2020-04-22 15:42:50.557106486 -0400 ++++ ./webapps/docs/config/ajp.xml 2020-04-22 15:44:54.425843527 -0400 +@@ -306,7 +306,9 @@ -

For servers with more than one IP address, this attribute - specifies which address will be used for listening on the specified -- port. By default, the loopback address will be used.

-+ port. By default, this port will be used on all IP addresses -+ associated with the server. A value of 127.0.0.1 -+ indicates that the Connector will only listen on the loopback -+ interface.

- - - -@@ -461,7 +464,7 @@ - -

If this attribute is true, the AJP Connector will only - start if the secret attribute is configured with a -- non-null, non-zero length value. The default value is true. -+ non-null, non-zero length value. The default value is false. -

+

For servers with more than one IP address, this attribute specifies + which address will be used for listening on the specified port. By +- default, the connector will listen on the loopback address. Unless the JVM ++ default, this port will be used on all IP addresses associated with the ++ server. A value of 127.0.0.1 indicates that the Connector ++ will only listen on the loopback interface. Unless the JVM + is configured otherwise using system properties, the Java based connectors + (BIO, NIO) will listen on both IPv4 and IPv6 addresses when configured + with either 0.0.0.0 or ::. The APR/native +@@ -483,7 +485,7 @@ + the secret attribute is required to be specified for the + AJP Connector to start. It does not control whether + workers are required to provide the secret. The default value is +- true. This attribute should only be set to false ++ false. This attribute should only be set to false + when the Connector is used on a trusted network.

 From 0e6b8f1b04975294f745637b6627599223548f43 Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Thu, 4 Jun 2020 17:11:34 +0800 Subject: [PATCH 74/79] Update to 7.0.104 --- sources | 2 +- tomcat.spec | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/sources b/sources index de4a5fc..4417343 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.103-src.tar.gz) = 812fce83c7242ebc16dc2365f0b363f1fb2691cd6a2f19f1209ea467557c42ee2d108c8bef89f23bb4a20c800d0ecdb4afc37567ef8079966b4eec0331a2ef9b +SHA512 (apache-tomcat-7.0.104-src.tar.gz) = 788eab3ac343815362decf4c0d5db91f3697cc669e7e051f93bf82905cc52f9b040d00b7e07f7b85bcf470e802418896a678f991e523e08a3ae5a2f212a53257 diff --git a/tomcat.spec b/tomcat.spec index a5ec50c..a0292e2 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -29,9 +29,9 @@ # %global jspspec 2.2 -%global major_version 7 -%global minor_version 0 -%global micro_version 103 +%global major_version +%global minor_version +%global micro_version %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -618,6 +618,12 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Thu Jun 04 2020 Hui Wang - 1:7.0.104-1 +- Update to 7.0.104 + +* Thu Jun 04 2020 Hui Wang - 1:..-1 +- Update to .. + * Wed Apr 22 2020 Coty Sutherland - 1:7.0.103-1 - Update to 7.0.103 From 3509fc4b4b4e6a9b07214b0b26a4d596b5a9e211 Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Thu, 4 Jun 2020 17:36:59 +0800 Subject: [PATCH 75/79] Fix the changelog and version parts --- tomcat.spec | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index a0292e2..814084f 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -29,9 +29,9 @@ # %global jspspec 2.2 -%global major_version -%global minor_version -%global micro_version +%global major_version 7 +%global minor_version 0 +%global micro_version 104 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -621,9 +621,6 @@ fi * Thu Jun 04 2020 Hui Wang - 1:7.0.104-1 - Update to 7.0.104 -* Thu Jun 04 2020 Hui Wang - 1:..-1 -- Update to .. - * Wed Apr 22 2020 Coty Sutherland - 1:7.0.103-1 - Update to 7.0.103 From 208522a9f22b26d596c74b0bdf07ef61f49f5bc9 Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Mon, 8 Jun 2020 14:08:44 +0800 Subject: [PATCH 76/79] Update tomcat-RemoveCompilerOptions.patch --- ...tomcat-7.0.104-RemoveCompilerOptions.patch | 78 ++++++++++++------- tomcat.spec | 2 +- 2 files changed, 52 insertions(+), 28 deletions(-) rename tomcat-7.0.94-RemoveCompilerOptions.patch => tomcat-7.0.104-RemoveCompilerOptions.patch (66%) diff --git a/tomcat-7.0.94-RemoveCompilerOptions.patch b/tomcat-7.0.104-RemoveCompilerOptions.patch similarity index 66% rename from tomcat-7.0.94-RemoveCompilerOptions.patch rename to tomcat-7.0.104-RemoveCompilerOptions.patch index ea4d12f..d90a5a6 100644 --- a/tomcat-7.0.94-RemoveCompilerOptions.patch +++ b/tomcat-7.0.104-RemoveCompilerOptions.patch @@ -1,14 +1,16 @@ ---- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2019-06-18 10:38:02.381894455 -0400 -+++ java/org/apache/jasper/compiler/JDTCompiler.java 2019-06-18 10:39:28.932684377 -0400 -@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apa +diff --git a/java/org/apache/jasper/compiler/JDTCompiler.java b/java/org/apache/jasper/compiler/JDTCompiler.java +index 2836724..5d5c44b 100644 +--- a/java/org/apache/jasper/compiler/JDTCompiler.java ++++ b/java/org/apache/jasper/compiler/JDTCompiler.java +@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { /** * Compile the servlet from .java file to .class file */ - @Override - protected void generateClass(String[] smap) - throws FileNotFoundException, JasperException, Exception { + protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { -@@ -126,12 +125,10 @@ public class JDTCompiler extends org.apa + long t1 = 0; +@@ -122,12 +121,10 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { this.sourceFile = sourceFile; } @@ -21,7 +23,7 @@ public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -173,7 +170,6 @@ public class JDTCompiler extends org.apa +@@ -167,7 +164,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { return result; } @@ -29,15 +31,15 @@ public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -182,7 +178,6 @@ public class JDTCompiler extends org.apa +@@ -176,7 +172,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { return className.toCharArray(); } - @Override public char[][] getPackageName() { - StringTokenizer izer = - new StringTokenizer(className, "."); -@@ -194,7 +189,6 @@ public class JDTCompiler extends org.apa + StringTokenizer izer = new StringTokenizer(className, "."); + char[][] result = new char[izer.countTokens()-1][]; +@@ -187,7 +182,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { return result; } @@ -45,7 +47,7 @@ public boolean ignoreOptionalProblems() { return false; } -@@ -202,7 +196,6 @@ public class JDTCompiler extends org.apa +@@ -195,7 +189,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { final INameEnvironment env = new INameEnvironment() { @@ -53,23 +55,23 @@ public NameEnvironmentAnswer findType(char[][] compoundTypeName) { StringBuilder result = new StringBuilder(); -@@ -215,7 +208,6 @@ public class JDTCompiler extends org.apa +@@ -208,7 +201,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { return findType(result.toString()); } - @Override - public NameEnvironmentAnswer - findType(char[] typeName, - char[][] packageName) { -@@ -297,7 +289,6 @@ public class JDTCompiler extends org.apa + public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) { + StringBuilder result = new StringBuilder(); + String sep = ""; +@@ -281,7 +273,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { } } - @Override - public boolean isPackage(char[][] parentPackageName, - char[] packageName) { + public boolean isPackage(char[][] parentPackageName, char[] packageName) { StringBuilder result = new StringBuilder(); -@@ -319,7 +310,6 @@ public class JDTCompiler extends org.apa + String sep = ""; +@@ -302,7 +293,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { return isPackage(result.toString()); } @@ -77,7 +79,7 @@ public void cleanup() { } -@@ -368,33 +358,6 @@ public class JDTCompiler extends org.apa +@@ -350,43 +340,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); @@ -99,8 +101,8 @@ - // This is checked against the actual version below. - settings.put(CompilerOptions.OPTION_Source, "11"); - } else if(opt.equals("12")) { -- // Constant not available in latest available ECJ version. -- // May be supported in a snapshot build. +- // Constant not available in latest ECJ version that runs on +- // Java 6. - // This is checked against the actual version below. - settings.put(CompilerOptions.OPTION_Source, "12"); - } else if(opt.equals("13")) { @@ -108,10 +110,20 @@ - // May be supported in a snapshot build. - // This is checked against the actual version below. - settings.put(CompilerOptions.OPTION_Source, "13"); +- } else if(opt.equals("14")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "14"); +- } else if(opt.equals("15")) { +- // Constant not available in latest available ECJ version. +- // May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_Source, "15"); } else { log.warn(Localizer.getMessage("jsp.warning.unknown.sourceVM", opt)); settings.put(CompilerOptions.OPTION_Source, -@@ -436,40 +399,6 @@ public class JDTCompiler extends org.apa +@@ -428,52 +381,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { CompilerOptions.VERSION_1_7); settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_1_7); @@ -138,8 +150,8 @@ - settings.put(CompilerOptions.OPTION_TargetPlatform, "11"); - settings.put(CompilerOptions.OPTION_Compliance, "11"); - } else if(opt.equals("12")) { -- // Constant not available in latest available ECJ version. -- // May be supported in a snapshot build. +- // Constant not available in latest ECJ version that runs on +- // Java 6. - // This is checked against the actual version below. - settings.put(CompilerOptions.OPTION_TargetPlatform, "12"); - settings.put(CompilerOptions.OPTION_Compliance, "12"); @@ -149,10 +161,22 @@ - // This is checked against the actual version below. - settings.put(CompilerOptions.OPTION_TargetPlatform, "13"); - settings.put(CompilerOptions.OPTION_Compliance, "13"); +- } else if(opt.equals("14")) { +- // Constant not available in latest ECJ version shipped with +- // Tomcat. May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "14"); +- settings.put(CompilerOptions.OPTION_Compliance, "14"); +- } else if(opt.equals("15")) { +- // Constant not available in latest ECJ version shipped with +- // Tomcat. May be supported in a snapshot build. +- // This is checked against the actual version below. +- settings.put(CompilerOptions.OPTION_TargetPlatform, "15"); +- settings.put(CompilerOptions.OPTION_Compliance, "15"); } else { log.warn(Localizer.getMessage("jsp.warning.unknown.targetVM", opt)); settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -487,7 +416,6 @@ public class JDTCompiler extends org.apa +@@ -491,7 +398,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { new DefaultProblemFactory(Locale.getDefault()); final ICompilerRequestor requestor = new ICompilerRequestor() { diff --git a/tomcat.spec b/tomcat.spec index 814084f..3ce8a84 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -81,7 +81,7 @@ Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch # Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6 -Patch2: %{name}-7.0.94-RemoveCompilerOptions.patch +Patch2: %{name}-7.0.104-RemoveCompilerOptions.patch # Adding patch to remove unsupport ant tasks/attributes Patch3: %{name}-7.0.99-build.patch Patch4: %{name}-7.0-catalina-policy.patch From 4ac0942113d6dcda669d2689e100a2b7f3c291dc Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Mon, 8 Jun 2020 14:48:38 +0800 Subject: [PATCH 77/79] Re-create tomcat-7.0.104-RemoveCompilerOptions.patch --- tomcat-7.0.104-RemoveCompilerOptions.patch | 30 ++++++++++------------ 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/tomcat-7.0.104-RemoveCompilerOptions.patch b/tomcat-7.0.104-RemoveCompilerOptions.patch index d90a5a6..1a6190c 100644 --- a/tomcat-7.0.104-RemoveCompilerOptions.patch +++ b/tomcat-7.0.104-RemoveCompilerOptions.patch @@ -1,8 +1,6 @@ -diff --git a/java/org/apache/jasper/compiler/JDTCompiler.java b/java/org/apache/jasper/compiler/JDTCompiler.java -index 2836724..5d5c44b 100644 ---- a/java/org/apache/jasper/compiler/JDTCompiler.java -+++ b/java/org/apache/jasper/compiler/JDTCompiler.java -@@ -95,7 +95,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2020-06-08 14:28:56.745393437 +0800 ++++ java/org/apache/jasper/compiler/JDTCompiler.java 2020-06-08 14:33:16.421538658 +0800 +@@ -95,7 +95,6 @@ /** * Compile the servlet from .java file to .class file */ @@ -10,7 +8,7 @@ index 2836724..5d5c44b 100644 protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception { long t1 = 0; -@@ -122,12 +121,10 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -122,12 +121,10 @@ this.sourceFile = sourceFile; } @@ -23,7 +21,7 @@ index 2836724..5d5c44b 100644 public char[] getContents() { char[] result = null; FileInputStream is = null; -@@ -167,7 +164,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -167,7 +164,6 @@ return result; } @@ -31,7 +29,7 @@ index 2836724..5d5c44b 100644 public char[] getMainTypeName() { int dot = className.lastIndexOf('.'); if (dot > 0) { -@@ -176,7 +172,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -176,7 +172,6 @@ return className.toCharArray(); } @@ -39,7 +37,7 @@ index 2836724..5d5c44b 100644 public char[][] getPackageName() { StringTokenizer izer = new StringTokenizer(className, "."); char[][] result = new char[izer.countTokens()-1][]; -@@ -187,7 +182,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -187,7 +182,6 @@ return result; } @@ -47,7 +45,7 @@ index 2836724..5d5c44b 100644 public boolean ignoreOptionalProblems() { return false; } -@@ -195,7 +189,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -195,7 +189,6 @@ final INameEnvironment env = new INameEnvironment() { @@ -55,7 +53,7 @@ index 2836724..5d5c44b 100644 public NameEnvironmentAnswer findType(char[][] compoundTypeName) { StringBuilder result = new StringBuilder(); -@@ -208,7 +201,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -208,7 +201,6 @@ return findType(result.toString()); } @@ -63,7 +61,7 @@ index 2836724..5d5c44b 100644 public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) { StringBuilder result = new StringBuilder(); String sep = ""; -@@ -281,7 +273,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -281,7 +273,6 @@ } } @@ -71,7 +69,7 @@ index 2836724..5d5c44b 100644 public boolean isPackage(char[][] parentPackageName, char[] packageName) { StringBuilder result = new StringBuilder(); String sep = ""; -@@ -302,7 +293,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -302,7 +293,6 @@ return isPackage(result.toString()); } @@ -79,7 +77,7 @@ index 2836724..5d5c44b 100644 public void cleanup() { } -@@ -350,43 +340,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -350,43 +340,6 @@ } else if(opt.equals("1.7")) { settings.put(CompilerOptions.OPTION_Source, CompilerOptions.VERSION_1_7); @@ -123,7 +121,7 @@ index 2836724..5d5c44b 100644 } else { log.warn(Localizer.getMessage("jsp.warning.unknown.sourceVM", opt)); settings.put(CompilerOptions.OPTION_Source, -@@ -428,52 +381,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -428,52 +381,6 @@ CompilerOptions.VERSION_1_7); settings.put(CompilerOptions.OPTION_Compliance, CompilerOptions.VERSION_1_7); @@ -176,7 +174,7 @@ index 2836724..5d5c44b 100644 } else { log.warn(Localizer.getMessage("jsp.warning.unknown.targetVM", opt)); settings.put(CompilerOptions.OPTION_TargetPlatform, -@@ -491,7 +398,6 @@ public class JDTCompiler extends org.apache.jasper.compiler.Compiler { +@@ -491,7 +398,6 @@ new DefaultProblemFactory(Locale.getDefault()); final ICompilerRequestor requestor = new ICompilerRequestor() { From 9563f11b9e2c97b5b64739128da4a0f8ef49ce43 Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Wed, 15 Jul 2020 18:27:04 +0800 Subject: [PATCH 78/79] Update to 7.0.105 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index 4417343..f6d956a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.104-src.tar.gz) = 788eab3ac343815362decf4c0d5db91f3697cc669e7e051f93bf82905cc52f9b040d00b7e07f7b85bcf470e802418896a678f991e523e08a3ae5a2f212a53257 +SHA512 (apache-tomcat-7.0.105-src.tar.gz) = 249e039775e833d75b631cec26132b42e4aed25491a29f2349fa41b81737688b0a2e453072d8e3c5fc28763a9d1922f59da7529378ce8fd472eca7bbc73a6bd2 diff --git a/tomcat.spec b/tomcat.spec index 3ce8a84..e8211ba 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 104 +%global micro_version 105 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -618,6 +618,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Jul 15 2020 Hui Wang - 1:7.0.105-1 +- Update to 7.0.105 + * Thu Jun 04 2020 Hui Wang - 1:7.0.104-1 - Update to 7.0.104 From a1745856032b6d2d046cca12159c9e2bcdec299e Mon Sep 17 00:00:00 2001 From: Hui Wang Date: Wed, 28 Oct 2020 18:40:15 +0800 Subject: [PATCH 79/79] Update to 7.0.106 --- sources | 2 +- tomcat.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sources b/sources index f6d956a..083dee0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (apache-tomcat-7.0.105-src.tar.gz) = 249e039775e833d75b631cec26132b42e4aed25491a29f2349fa41b81737688b0a2e453072d8e3c5fc28763a9d1922f59da7529378ce8fd472eca7bbc73a6bd2 +SHA512 (apache-tomcat-7.0.106-src.tar.gz) = 5ce5a5af93c58e69c4758c2c0dedeadeceb6be920421b9d3b3d071d32fc8eb59ba8312c98d037b8434fe43d57a9f720ad8790de29a26ed2959f6c761fe1fd573 diff --git a/tomcat.spec b/tomcat.spec index e8211ba..a8dd919 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 105 +%global micro_version 106 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -618,6 +618,9 @@ fi %{_sbindir}/%{name}-jsvc %changelog +* Wed Oct 28 2020 Hui Wang - 1:7.0.106-1 +- Update to 7.0.106 + * Wed Jul 15 2020 Hui Wang - 1:7.0.105-1 - Update to 7.0.105