https://issues.apache.org/bugzilla/show_bug.cgi?id=45015
--- Comment #13 from youweiwang fightforj...@gmail.com 2009-11-12 00:05:07
UTC ---
You can add this config option to the file catalina.properties which is in
the directory of %tomcat_home%/conf, as follows:
Author: mturk
Date: Thu Nov 12 10:29:34 2009
New Revision: 835322
URL: http://svn.apache.org/viewvc?rev=835322&view=rev
Log:
Port mod_ssl fix for CVE-2009-3555
Modified:
tomcat/native/trunk/native/include/ssl_private.h
tomcat/native/trunk/native/src/sslcontext.c
Author: mturk
Date: Thu Nov 12 11:17:44 2009
New Revision: 835335
URL: http://svn.apache.org/viewvc?rev=835335&view=rev
Log:
Actually abort the connection in case of RENEG_ABORT.
Modified:
tomcat/native/trunk/native/src/sslnetwork.c
Modified: tomcat/native/trunk/native/src/sslnetwork.c
URL:
Author: kkolinko
Date: Thu Nov 12 11:20:43 2009
New Revision: 835336
URL: http://svn.apache.org/viewvc?rev=835336&view=rev
Log:
Followup to r.817822 and r.833545
You have to specify explicit encoding in a fixcrlf task
Modified:
tomcat/trunk/dist.xml
Modified: tomcat/trunk/dist.xml
URL:
Author: kkolinko
Date: Thu Nov 12 11:25:02 2009
New Revision: 835337
URL: http://svn.apache.org/viewvc?rev=835337&view=rev
Log:
votes
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
Author: mturk
Date: Thu Nov 12 11:27:50 2009
New Revision: 835340
URL: http://svn.apache.org/viewvc?rev=835340&view=rev
Log:
Propose renegotiation fix backport
Modified:
tomcat/native/branches/1.1.x/STATUS.txt
Modified: tomcat/native/branches/1.1.x/STATUS.txt
URL:
I newly installed the mod_jk 1.2.28 and since then got a problem (see below).
I have a web application which is deployed on JBoss. One of the functions of
this web-app is: You can click a button (such as 'Generate Report') on
client to submit a request for generating a PDF-report. The generation of
Hi,
Just made the fix by modifying the mod_ssl patch
so that connection gets closed on R.
Problem with OpenSSL 0.9.8l that it has renegotiation
disabled and that it gets blocked in 'R' thus making
it a potential DoS (much worse than actual R) so
I'd suggest we don't use it and create immediate
Author: kkolinko
Date: Thu Nov 12 11:45:10 2009
New Revision: 835349
URL: http://svn.apache.org/viewvc?rev=835349&view=rev
Log:
Try to correct Peter's changelog entry of r.834790
Modified:
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified:
Author: kkolinko
Date: Thu Nov 12 11:51:56 2009
New Revision: 835351
URL: http://svn.apache.org/viewvc?rev=835351&view=rev
Log:
vote
Modified:
tomcat/tc5.5.x/trunk/STATUS.txt
Modified: tomcat/tc5.5.x/trunk/STATUS.txt
URL:
Author: mturk
Date: Thu Nov 12 13:46:19 2009
New Revision: 835381
URL: http://svn.apache.org/viewvc?rev=835381&view=rev
Log:
Current SVN version is 1.1.18-dev
Modified:
tomcat/native/branches/1.1.x/native/include/tcn_version.h
Modified:
On 12/11/09 12:34, Mladen Turk wrote:
I'd suggest we don't use it and create immediate release
of 1.1.18 with the fix.
BTW, released 1.1.17 reports as 1.1.17-dev ;)
RM forgot to update the version before tagging
So yet another reason for 1.1.18
Regards
--
^TM
Author: kkolinko
Date: Thu Nov 12 15:01:56 2009
New Revision: 835404
URL: http://svn.apache.org/viewvc?rev=835404&view=rev
Log:
vote and proposal
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
Author: kkolinko
Date: Thu Nov 12 15:13:30 2009
New Revision: 835411
URL: http://svn.apache.org/viewvc?rev=835411&view=rev
Log:
vote
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
On 12/11/09 17:25, Filip Hanik - Dev Lists wrote:
Note. Don't use 0.9.8l for testing cause that bugger will
block on renegotiation until socket timeout.
This is actually not so bad. Since it's so easy to achieve the same DoS
by simply sending a partial POST body, or partial GET request, and
On 11/12/2009 04:34 AM, Mladen Turk wrote:
Hi,
Just made the fix by modifying the mod_ssl patch
so that connection gets closed on R.
Problem with OpenSSL 0.9.8l that it has renegotiation
disabled and that it gets blocked in 'R' thus making
it a potential DoS (much worse than actual R) so
I'd
https://issues.apache.org/bugzilla/show_bug.cgi?id=48158
--- Comment #4 from Ralf Hauser hau...@acm.org 2009-11-12 08:59:24 UTC ---
see also http://marc.info/?t=12576133601r=1w=2
--
Dear Wiki user,
You have subscribed to a wiki page or wiki category on Tomcat Wiki for change
notification.
The PoweredBy page has been changed by ShadiSaba.
http://wiki.apache.org/tomcat/PoweredBy?action=diff&rev1=207&rev2=208
--
Dear Wiki user,
You have subscribed to a wiki page or wiki category on Tomcat Wiki for change
notification.
The PoweredBy page has been changed by ShadiSaba.
http://wiki.apache.org/tomcat/PoweredBy?action=diff&rev1=208&rev2=209
--
Author: markt
Date: Thu Nov 12 17:29:00 2009
New Revision: 835460
URL: http://svn.apache.org/viewvc?rev=835460&view=rev
Log:
Servlet 3 implementation.
- Add support for relative fragment ordering and some test cases
- Re-order fragment and annotation processing to match spec
- Implement
https://issues.apache.org/bugzilla/show_bug.cgi?id=48158
--- Comment #5 from Ralf Hauser hau...@acm.org 2009-11-12 09:52:53 UTC ---
(In reply to comment #3)
Couldn't you make this an optional server.xml attribute
See the clientAuth connector attribute for options already available for
https://issues.apache.org/bugzilla/show_bug.cgi?id=48097
Konstantin Kolinko knst.koli...@gmail.com changed:
What|Removed |Added
Status|RESOLVED
Author: markt
Date: Thu Nov 12 19:53:49 2009
New Revision: 835516
URL: http://svn.apache.org/viewvc?rev=835516&view=rev
Log:
Make TODO comments consistent to make them easier to find
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Request.java
On 12.11.2009 17:39, Mladen Turk wrote:
Well even OpenSSL folks admitted that 0.9.8l wrongly approached
dealing to that issue. They even removed the
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag from the 0.9.8 branch
and now they use SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION using
Thomas,
please do not cross-post. The discussion is pretty well going on on your
post on the users list. See the latest answers you got on your posted
test case and logs, which show that for this specific test your request
to JBoss didn't return a PDF document, but instead an html snippet.
Remy Maucherat wrote:
On Wed, 2009-11-11 at 16:45 -0500, Mark Thomas wrote:
I really do loathe cookies right now. I've pulled the proposed patches for
5.5.x
and 6.0.x until I (or someone else) can take a look at this.
I do too. v0 cookies is 15 years old stuff that Netscape hacked out of
On 12/11/09 21:17, Rainer Jung wrote:
On 12.11.2009 17:39, Mladen Turk wrote:
Well even OpenSSL folks admitted that 0.9.8l wrongly approached
dealing to that issue. They even removed the
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag from the 0.9.8 branch
and now they use
Mark Thomas wrote:
Remy Maucherat wrote:
On Wed, 2009-11-11 at 16:45 -0500, Mark Thomas wrote:
I really do loathe cookies right now. I've pulled the proposed patches for
5.5.x
and 6.0.x until I (or someone else) can take a look at this.
I do too. v0 cookies is 15 years old stuff that
On 12.11.2009 21:31, Mladen Turk wrote:
On 12/11/09 21:17, Rainer Jung wrote:
On 12.11.2009 17:39, Mladen Turk wrote:
Well even OpenSSL folks admitted that 0.9.8l wrongly approached
dealing to that issue. They even removed the
SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag from the 0.9.8
Author: markt
Date: Thu Nov 12 21:19:09 2009
New Revision: 835552
URL: http://svn.apache.org/viewvc?rev=835552&view=rev
Log: (empty)
Modified:
tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/http/ServerCookie.java
URL:
Author: markt
Revision: 835552
Modified property: svn:log
Modified: svn:log at Thu Nov 12 21:22:42 2009
--
--- svn:log (original)
+++ svn:log Thu Nov 12 21:22:42 2009
@@ -0,0 +1,2 @@
+Make handling of / as a separator
Author: markt
Date: Thu Nov 12 21:36:49 2009
New Revision: 835567
URL: http://svn.apache.org/viewvc?rev=835567&view=rev
Log:
Fix NPEs on startup with relative ordering and provide somewhere to store
results of annotation scanning when that is implemented
Modified:
Author: kkolinko
Revision: 833535
Modified property: svn:log
Modified: svn:log at Thu Nov 12 22:57:16 2009
--
--- svn:log (original)
+++ svn:log Thu Nov 12 22:57:16 2009
@@ -0,0 +1 @@
+Implement Remote IP Valve
Author: kkolinko
Date: Thu Nov 12 22:59:52 2009
New Revision: 835625
URL: http://svn.apache.org/viewvc?rev=835625&view=rev
Log:
Remove svn:mergeinfo added in rev.833536
Modified:
tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/ (props changed)
On Thu, 2009-11-12 at 16:03 -0500, Mark Thomas wrote:
I've done some more digging and I think I have found what was causing this.
I'll
have a fix for trunk shortly and (after some testing) I'll re-propose.
No, what I meant is that, if you want to go the strict route and use '/'
as a separator
i would like to load a singleton type resource WHEN TOMCAT STARTS.
currently, the way i do it, the resource is initialized when it is first
looked up from the context by a client. i understand that i can make a
bastardized servlet, which does nothing related to http and is in web.xml
and it
Try asking this on the Tomcat Users List.
p
On 12/11/2009 23:40, foampile wrote:
i would like to load a singleton type resource WHEN TOMCAT STARTS.
currently, the way i do it, the resource is initialized when it is first
looked up from the context by a client. i understand that i can make a
Author: kkolinko
Date: Fri Nov 13 00:19:07 2009
New Revision: 835657
URL: http://svn.apache.org/viewvc?rev=835657&view=rev
Log:
proposal
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
Author: kkolinko
Date: Fri Nov 13 00:50:08 2009
New Revision: 835681
URL: http://svn.apache.org/viewvc?rev=835681&view=rev
Log:
Propose two additional backports for JULI FileHandler series of patches
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
Dear Wiki user,
You have subscribed to a wiki page or wiki category on Tomcat Wiki for change
notification.
The PoweredBy page has been changed by YoavShapira.
http://wiki.apache.org/tomcat/PoweredBy?action=diff&rev1=209&rev2=210
--
https://issues.apache.org/bugzilla/show_bug.cgi?id=45015
youweiwang fightforj...@gmail.com changed:
What|Removed |Added
Version|5.5.23 |5.5.27
--
https://issues.apache.org/bugzilla/show_bug.cgi?id=45015
youweiwang fightforj...@gmail.com changed:
What|Removed |Added
Version|5.5.27 |5.5.28
--