Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 92997 invoked from network); 2 Aug 2007 08:18:13 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 Aug 2007 08:18:13 -0000 Received: (qmail 46459 invoked by uid 500); 2 Aug 2007 08:18:01 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 46414 invoked by uid 500); 2 Aug 2007 08:18:01 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 46373 invoked by uid 99); 2 Aug 2007 08:18:01 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Aug 2007 01:18:01 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [195.227.30.246] (HELO datura.kippdata.de) (195.227.30.246) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Aug 2007 08:17:55 +0000 Received: from [192.168.2.137] ([192.168.2.137]) by datura.kippdata.de (8.13.5/8.13.5) with ESMTP id l728HW1l016259 for ; Thu, 2 Aug 2007 10:17:33 +0200 (CEST) Message-ID: <46B1938A.7080007@kippdata.de> Date: Thu, 02 Aug 2007 10:19:22 +0200 From: Rainer Jung User-Agent: Thunderbird 2.0.0.5 (Windows/20070716) MIME-Version: 1.0 To: Tomcat Developers List Subject: Re: Serious regression in JK 1.2.24 References: <46B1765C.5070504@apache.org> In-Reply-To: <46B1765C.5070504@apache.org> Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Hi, OK with me. I've one outstanding patch related to fail on status. I think Ben short is testing today. I wrote mails about it to the user list and the patch is not committed yet. It's http://people.apache.org/~rjung/mod_jk-dev/patches/fail-on-status.patch (in short: fail on status has to be moved to a place a little earlier, because at the moment headers are set before fail on status. So if we do a retry and get different headers back, we produce an answer with an undefined mix of headers. In the users case we set Content-Length from the failure response, and the retry on another node succeeded with a chunked encoding ...) Also there is one outstanding fix concerning nsapi on netware (which now has an unneeded dependency on shm). We could review all changes since 1.2.24 (that's not much) and then skip the quality check phase, instead directly roll an oficial test/vote tarball. Would tomorrow be OK for that? Regards, Rainer Mladen Turk wrote: > Hi, > > We have a problem with 1.2.24 that luckily is not security leak, > but it is security related. > > The problem is that 401 from Tomcat without body > (a standard HTTP_UNAUTHORIZED) is treated as 401, meaning > that Apache is returning 401 page instead passing 401 > to the client. > > I already patched the SVN. > Can we roll 1.2.25? > > Regards, > Mladen. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org