Bug report for Tomcat 6 [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |41679|New|Enh|2007-02-22|SemaphoreValve should be able to filter on url pat| |41883|Ass|Enh|2007-03-18|use abstract wrapper instead of plain X509Certific| |43001|New|Enh|2007-07-30|JspC lacks setMappedFile and setDie for use in Ant| |43400|New|Enh|2007-09-14|enum support for tag libs | |43548|Opn|Enh|2007-10-04|xml schema for tomcat-users.xml | |43682|New|Enh|2007-10-23|JULI: web-inf/classes/logging.properties to suppor| |43742|New|Enh|2007-10-30|.tag compiles performed one at a time -- extremel| |43979|New|Enh|2007-11-27|Add abstraction for Java and Classfile output | |44199|New|Enh|2008-01-10|expose current backlog queue size | |44225|New|Enh|2008-01-14|SSL connector tries to load the private keystore f| |44294|New|Enh|2008-01-25|Support for EL functions with varargs | |44645|New|Enh|2008-03-20|[Patch] JNDIRealm - Doesn't support JNDI java.nam| |44787|New|Enh|2008-04-09|provide more error context on java.lang.IllegalSt| |44818|New|Enh|2008-04-13|tomcat hangs with GET when content-length is defin| |45014|New|Enh|2008-05-15|Request and Response classes should have wrappers | |45282|New|Enh|2008-06-25|NioReceiver doesn't close cleanly, leaving sockets| |45832|New|Enh|2008-09-18|add DIGEST authentication support to Ant tasks| |45878|New|Enh|2008-09-24|Generated jars do not contain proper manifests or | |45879|Opn|Enh|2008-09-24|Windows installer fails to install NOTICE and RELE| |45931|Opn|Enh|2008-10-01|trimSpaces incorrectly modifies output| |46173|New|Enh|2008-11-09|Small patch for manager app: Setting an optional c| |46284|New|Enh|2008-11-24|Add flag to DeltaManager that blocks processing cl| |46350|New|Enh|2008-12-05|Maven repository should contain source bundles| |46558|Opn|Enh|2009-01-19|Shutdown port with address binding| |46727|New|Enh|2009-02-17|DefaultServlet - serving multiple encodings | |46902|New|Enh|2009-03-24|LoginValve to bypass restrictions of j_security_ch| |47214|New|Enh|2009-05-17|Inner classes that are explicitly referenced - sho| |47242|New|Enh|2009-05-22|request for AJP command line client | |47281|New|Enh|2009-05-28|Efficiency of the JDBCStore | |47407|New|Enh|2009-06-23|HttpSessionListener doesn't operate in the session| |47467|New|Enh|2009-07-02|Deployment of the war file by URL when contextpath| |47834|New|Enh|2009-09-14|TldConfig throws Exception when exploring unpacked| |47919|New|Enh|2009-09-30|Log Tomcat Java environment variables in additio| |48358|Opn|Enh|2009-12-09|JSP-unloading reloaded| |48543|New|Enh|2010-01-14|[Patch] More flexibility in specifying -Dcatalina.| |48672|New|Enh|2010-02-03|Tomcat Virtual Host Manager (/host-manager) have b| |48674|New|Enh|2010-02-03|Tomcat Virtual Host Manager application doesn't pe| |48743|New|Enh|2010-02-15|Make the SLEEP variable in catalina.sh settable fr| |48899|New|Enh|2010-03-12|Guess URI charset should solve lot of problems| |48922|New|Enh|2010-03-16|org.apache.catalina.connector.Request clone static| |48928|New|Enh|2010-03-17|An alternative solution to preloading classes when| |49161|New|Enh|2010-04-21|Unknown Publisher when installing tomcat 6.0.26 | |49176|Opn|Enh|2010-04-23|Jasper in Dev Mode Is Memory Inefficient | |49464|New|Enh|2010-06-18|DefaultServlet and CharacterEncoding | |49531|New|Enh|2010-06-30|singlesignon failover not working on DeltaManager/| |49804|New|Enh|2010-08-23|Allow Embedded.redirectStreams value to be configu| |49939|New|Enh|2010-09-16|Expose a method via JMX which empties the webapp f| |49943|New|Enh|2010-09-16|Logging (via juli) does not reread configuration c| |50285|New|Enh|2010-11-17|Standard HTTP and AJP connectors silently ignore a| |50288|New|Enh|2010-11-17|Uploading a war file that already exists should au| |50692|New|Enh|2011-01-31|Improve log message in ThreadPool.logFull |
Bug report for Tomcat 7 [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |18500|New|Enh|2003-03-30|Host aliases to match by regular expression | |28039|Opn|Enh|2004-03-30|Cluster Support for SingleSignOn | |40728|Inf|Enh|2006-10-11|Catalina MBeans use non-serializable classes | |40881|Opn|Enh|2006-11-02|Unable to receive message through TCP channel - | |41007|Opn|Enh|2006-11-20|Can't define customized 503 error page| |43866|New|Enh|2007-11-14|add support for session attribute propagation with| |43925|Opn|Enh|2007-11-21|org.apache.jasper.runtime.BodyContentImpl causing | |44216|New|Enh|2008-01-11|Don't reuse session ID even if emptySessionPath=tr| |49395|New|Enh|2010-06-06|manager.findLeaks : display the date when the leak| |49589|New|Enh|2010-07-12|Tag handlers with constant attribute values are al| |49785|New|Enh|2010-08-19|Enabling TLS for JNDIRealm| |49821|New|Enh|2010-08-25|Tomcat CLI| |50019|New|Enh|2010-09-28|Adding JNDI lookup-name support In XML and Resou| |50175|New|Enh|2010-10-28|Enhance memory leak detection by selectively apply| |50234|New|Enh|2010-11-08|JspC use servlet 3.0 features | |50504|New|Enh|2010-12-21|Allow setting query string character set trough re| |50670|New|Enh|2011-01-27|Tribes | RpcChannel | Add option to specify extern| |51195|New|Enh|2011-05-13|Find leaks reports a false positive memory/class| |51294|Opn|Enh|2011-05-30|Since 7.0.12 do not work option unpackWARs=true fo| |51423|Inf|Enh|2011-06-23|[Patch] to add a path and a version parameters to | |51463|New|Enh|2011-07-01|Tomcat.setBaseDir (package org.apache.catalina.st| |51496|New|Enh|2011-07-11|NSIS - Warn that duplicate service name will resul| |51587|New|Enh|2011-07-29|Implement status and uptime commands | |51953|New|Enh|2011-10-04|Proposal: netmask filtering valve and filter | |52235|New|Enh|2011-11-23|Please do a bit of SEO tuning for the web site| |52323|New|Enh|2011-12-13|Cobertura test code coverage support for build.xml| |52381|New|Enh|2011-12-22|Please add OSGi metadata | |52448|New|Enh|2012-01-11|Cache jar indexes in WebappClassLoader to speed up| |52489|New|Enh|2012-01-19|Enhancement request for code signing of war files | |52558|New|Enh|2012-01-30|CometConnectionManagerValve is adding non-serializ| |52688|New|Enh|2012-02-16|Add ability to remove old access log files| |52751|Opn|Enh|2012-02-23|Optimized configuration of the system info display| |52952|New|Enh|2012-03-20|Improve ExtensionValidator handling for embedded s| |53085|New|Enh|2012-04-16|[perf] [concurrency] DefaultInstanceManager.annota| |53387|New|Enh|2012-06-08|SSI: Allow to use $1 to get result of regular expr| |53411|Opn|Enh|2012-06-13|NullPointerException in org.apache.tomcat.util.buf| |53492|New|Enh|2012-07-01|Make JspC shell multithreaded | |53553|New|Enh|2012-07-16|[PATCH] Deploy uploaded WAR with context.xml from | |53602|New|Enh|2012-07-25|Support for HTTP status code 451 | |53620|New|Enh|2012-07-30|[juli] delay opening a file until something gets l| |54330|New|Enh|2012-12-19|Patch with some refactoring of Member.java| |54499|New|Enh|2013-01-29|Implementation of Extensible EL Interpreter | |54618|New|Enh|2013-02-28|Add filter implementing HTTP Strict Transport Secu| |54802|New|Enh|2013-04-04|Provide location information for exceptions thrown| |55104|New|Enh|2013-06-16|Allow passing arguments with spaces to Commons Dae| |55317|New|Enh|2013-07-28|Facilitate weaving by allowing ClassFileTransforme| |55470|New|Enh|2013-08-23|Help users for ClassNotFoundExceptions during star| |55477|New|Enh|2013-08-23|Add a solution to map an realm name to a security | |55530|New|Enh|2013-09-06|webdavServlet support aliases folder upload and de| |55533|New|Nor|2013-09-07|ProxyDirContext throws null pointer exception on r| |55534|New|Nor|2013-09-07|Tomcat 7 and 8 missing javax.annotation classes ad|
Bug report for Taglibs [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |38193|Ass|Enh|2006-01-09|[RDC] BuiltIn Grammar support for Field | |38600|Ass|Enh|2006-02-10|[RDC] Enable RDCs to be used in X+V markup (X+RDC)| |42413|New|Enh|2007-05-14|[PATCH] Log Taglib enhancements | |46052|New|Nor|2008-10-21|SetLocaleSupport is slow to initialize when many l| |48333|New|Enh|2009-12-02|TLD generator | +-+---+---+--+--+ | Total5 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Native [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |46179|Opn|Maj|2008-11-10|apr ssl client authentication | |48655|Inf|Nor|2010-02-02|Active multipart downloads prevent tomcat shutdown| |49038|Inf|Nor|2010-04-02|Crash in tcnative | |52153|New|Maj|2011-11-08|periodic JVM crash (access violation) on buffer fl| |52319|New|Maj|2011-12-12|Tomcat 6 crashes with [libapr-1.so.0+0x196da] sig| |52627|New|Min|2012-02-08|Segmentation fault in org.apache.tomcat.jni.File.i| |53605|New|Nor|2012-07-26|use tcnative-1.1.24 Tomcat shutdown still crash | |53847|Inf|Nor|2012-09-10|High CPU usage in tomcat native 1.22+ | |53940|New|Enh|2012-09-27|Added support for new CRL loading after expiration| |53952|New|Nor|2012-10-02|Add support for TLS 1.1 and 1.2 | |54085|New|Nor|2012-11-01|ssl_socket_recv sometimes loops infinitely with no| |54664|New|Reg|2013-03-11|[1.1.27 branch] Poll.remove incorrectly reports AP| |55087|New|Cri|2013-06-10|tomcat crashes in tcnative-1.dll with OCSP when OC| |55113|New|Nor|2013-06-18|FIPS-compatible OpenSSL fails fingerprint test in | |55114|New|Nor|2013-06-18|BUILDING file in win32 source package contains UNI| +-+---+---+--+--+ | Total 15 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat 8 [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |51497|New|Enh|2011-07-11|Use canonical IPv6 text representation in logs| |53737|Opn|Enh|2012-08-18|Use ServletContext.getJspConfigDescriptor() in Jas| |53930|New|Enh|2012-09-24|allow capture of catalina stdout/stderr to a comma| |54095|New|Enh|2012-11-03|[patch] support gzipped versions of static resourc| |54503|New|Enh|2013-01-29|SAML2 based single sign on| |54700|New|Enh|2013-03-15|Improvement: Add support for system property to sp| |54741|New|Enh|2013-03-22|Add org.apache.catalina.startup.Tomcat#addWebapp(S| |55006|New|Enh|2013-05-22|Add http proxy support for ClientEndpoint using sy| |55212|New|Enh|2013-07-08|Jasper does not validate XSD-based configuration f| |55243|New|Enh|2013-07-11|Add special search string for nested roles| |55249|New|Nor|2013-07-12|JspC compiles tag files even if compile options is| |55251|New|Nor|2013-07-12|JspC fails silently if directory for generated web| |55252|New|Enh|2013-07-12|Separate Ant and command-line wrappers for JspC | |55383|New|Enh|2013-08-07|Improve markup and design of Tomcat's HTML pages | |55479|New|Enh|2013-08-24|JSR 196 (JASPIC) support in Tomcat| |55511|New|Enh|2013-08-31|Reduce contention on WebappClassLoader| +-+---+---+--+--+ | Total 16 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Modules [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |48240|New|Nor|2009-11-19|Tomcat-Lite missing @Override markers | |48268|New|Nor|2009-11-23|Patch to fix generics in tomcat-lite | |48861|New|Nor|2010-03-04|Files without AL headers | |49685|New|Nor|2010-08-02|Unsafe synchronization in class ManagedBean | |49686|New|Nor|2010-08-02|Using an instance lock to protect static shared da| |50571|Inf|Nor|2011-01-11|Tomcat 7 JDBC connection pool exception enhancemen| |51595|Inf|Nor|2011-08-01|org.apache.tomcat.jdbc.pool.jmx.ConnectionPool sho| |51879|Inf|Enh|2011-09-22|Improve access to Native Connection Methods | |52024|Inf|Enh|2011-10-13|Custom interceptor to support automatic failover o| |53088|Opn|Min|2012-04-17|Give PoolCleaner TimerTask a better name | |53198|New|Cri|2012-05-07|'driverClassName' Data Source Property Being Manda| |53199|Inf|Enh|2012-05-07|Refactor ConnectionPool to use ScheduledExecutorSe| |53200|New|Enh|2012-05-07|Be able to use SlowQueryReport without reporting f| |53770|New|Enh|2012-08-23|tomcat-pool: always log validation query syntax er| |53853|New|Nor|2012-09-11|Can tomcat-jdbc consider Thread#getContextClassLoa| |54225|New|Nor|2012-11-30|if initSQL property is set to an empty string a Nu| |54227|New|Nor|2012-11-30|maxAge should be checked on borrow| |54235|New|Nor|2012-12-03|tomcat jdbc pool stackoverflow error used with spr| |54395|New|Nor|2013-01-09|JdbcInterceptor config parameter parsing errors | |54437|New|Enh|2013-01-16|Update PoolProperties javadoc for ConnectState int| |54537|New|Cri|2013-02-07|StatementFinalizer closeInvoked is too slow for la| |54693|New|Enh|2013-03-13|Add a validationQueryTimeout property | |54929|New|Nor|2013-05-05|jdbc-pool cannot be used with Java 1.5, java.lang| |54978|New|Nor|2013-05-15|Validate on Borrow should be tested on Reconnect i| |55078|New|Nor|2013-06-07|Configuring a DataSource Resource with dataSourceJ| |55444|New|Nor|2013-08-18|Support JDBC Drivers outside of tomcat/lib/ | +-+---+---+--+--+ | Total 26 bugs | +---+ - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Bug report for Tomcat Connectors [2013/09/08]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | |34526|Opn|Nor|2005-04-19|Truncated content in decompressed requests from mo| |35959|Opn|Enh|2005-08-01|mod_jk not independant of UseCanonicalName| |43303|New|Enh|2007-09-04|Versioning under Windows not reported by many conn| |43968|Inf|Enh|2007-11-26|[patch] support ipv6 with mod_jk | |44290|Inf|Nor|2008-01-24|mod_jk/1.2.26: retry is not useful for an importan| |44349|Inf|Maj|2008-02-04|mod_jk/1.2.26 module does not read worker.status.s| |44379|New|Enh|2008-02-07|convert the output of strftime into UTF-8 | |44454|New|Nor|2008-02-19|busy count reported in mod_jk inflated, causes inc| |44571|New|Enh|2008-03-10|Limits busy per worker to a threshold | |45063|New|Nor|2008-05-22|JK-1.2.26 IIS ISAPI filter issue when running diff| |45313|New|Nor|2008-06-30|mod_jk 1.2.26 apache 2.2.9 static compiled on so| |46337|New|Nor|2008-12-04|real worker name is wrong | |46767|New|Enh|2009-02-25|mod_jk to send DECLINED in case no fail-over tomca| |47327|New|Enh|2009-06-07|remote_user not logged in apache logfile | |47617|Inf|Enh|2009-07-31|include time spent doing ajp_get_endpoint() in err| |47678|New|Cri|2009-08-11|Unable to allocate shared memory when using isapi_| |47714|New|Cri|2009-08-20|Reponse mixed between users | |47750|New|Maj|2009-08-27|Loss of worker settings when changing via jkstatus| |47795|New|Maj|2009-09-07|service sticky_session not being set correctly wit| |47840|Inf|Min|2009-09-14|A broken worker name is written in the log file. | |48191|New|Maj|2009-11-13|Problem with mod_jk 1.2.28 - Can not render up the| |48460|New|Nor|2009-12-30|mod_proxy_ajp document has three misleading portio| |48490|New|Nor|2010-01-05|Changing a node to stopped in uriworkermap.propert| |48513|New|Enh|2010-01-09|IIS Quick setup instructions | |48564|New|Nor|2010-01-18|Unable to turn off retries for LB worker | |48830|New|Nor|2010-03-01|IIS shutdown blocked in endpoint service when serv| |48891|Opn|Enh|2010-03-11|Missing EOL-style settings in tomcat/jk/trunk | |49035|New|Maj|2010-04-01|data lost when post a multipart/form-data form| |49063|New|Enh|2010-04-07|Please add JkStripSession status in jk-status work| |49135|New|Enh|2010-04-16|SPDY Connector for The Tomcat | |49469|New|Enh|2010-06-19|Workers status page has negative number of connect| |49732|Opn|Nor|2010-08-10|reply_timeout can't wait forever. | |49822|New|Enh|2010-08-25|Add hash lb worker method | |49903|New|Enh|2010-09-09|Make workers file reloadable | |50186|New|Nor|2010-10-31|Wrong documentation of connection_pool_timeout / c| |52334|New|Maj|2011-12-14|recover_time is not properly used | |52483|New|Enh|2012-01-18|Print JkOptions's options in log file and jkstatus| |52651|New|Nor|2012-02-13|JKSHMFile size limitation | |53324|Opn|Nor|2012-05-30|Starting with mod_jk 1.2.35 I cannot modify worker| |53542|New|Min|2012-07-13|Spelling mistake on 503 service unavailable page | |53762|New|Nor|2012-08-22|JK status manager: mass nodes handling doesn't wor| |53883|New|Maj|2012-09-17|isapi_redirect v 1.2.37 crashes w3wp.exe on the p| |53977|New|Maj|2012-10-07|32bits isapi connector cannot work in wow64 mode | |54027|New|Cri|2012-10-18|isapi send request to outside address instead of i| |54112|Opn|Blk|2012-11-07|ISAPI redirector not working when IIS recycles| |54117|New|Maj|2012-11-08|access violation exception in isapi_redirect.dll | |54177|New|Nor|2012-11-20|jkmanager generates non-well-formed XML for certai| |54596|New|Nor|2013-02-22|Relative path functionality truncates last charact| |54621|New|Nor|2013-02-28|[PATCH] custom mod_jk availability checks | |54646|New|Trv|2013-03-06|socket_keepalive is sometimes 1 or true or True in| |54923|New|Nor|2013-05-03|nsapi_redirect.so does not work with iPlanet on So|
[Bug 55477] Add a solution to map an realm name to a security role
https://issues.apache.org/bugzilla/show_bug.cgi?id=55477 Stefan Mayr ste...@mayr-stefan.de changed: What|Removed |Added Attachment #30759|0 |1 is obsolete|| Attachment #30788|0 |1 is obsolete|| --- Comment #9 from Stefan Mayr ste...@mayr-stefan.de --- Created attachment 30805 -- https://issues.apache.org/bugzilla/attachment.cgi?id=30805action=edit MappingRealm incl. docs MappingRealm comments were reworked and initial documentation has been added to docs/config/realm.xml and docs/realm-howto.xml (mostly copy paste from existing sections) -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55536] New: allow to disable Secure Client-Initiated Renegotiation - DOS risk
https://issues.apache.org/bugzilla/show_bug.cgi?id=55536 Bug ID: 55536 Summary: allow to disable Secure Client-Initiated Renegotiation - DOS risk Product: Tomcat 7 Version: unspecified Hardware: PC Status: NEW Severity: enhancement Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: hau...@acm.org The Apache/2.2.24 (FreeBSD) mod_ssl/2.2.24 OpenSSL/1.0.1e of https://www.ssllabs.com/ssltest/analyze.html?d=issues.apache.org doesn't allow Secure Client-Initiated Renegotiation It is considered dangerous for DoS attacks: https://community.qualys.com/blogs/securitylabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks How could this be done with tomcat7? http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme-141115.html maybe the approach of bug 48236 could be used for this purpose again? // after creation, immediately disable all ciphers, avoiding any subsequent handshake ((SSLSocket)sock).setEnabledCipherSuites(new String[0]); -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 55537] New: add support for TLS1.1 and TLS1.2 excluding TLS1.0 (BEAST attack)
https://issues.apache.org/bugzilla/show_bug.cgi?id=55537 Bug ID: 55537 Summary: add support for TLS1.1 and TLS1.2 excluding TLS1.0 (BEAST attack) Product: Tomcat 7 Version: unspecified Hardware: PC Status: NEW Severity: normal Priority: P2 Component: Connectors Assignee: dev@tomcat.apache.org Reporter: hau...@acm.org see also Bug 53952 for native. In http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL%20Support, the sslProtocol attribute would have to be String[], i.e. e.g. comma separated protocol list currently, TLSv1.2 can be put there, but it doesn't appear to have a limiting effect on TLSv1.0 http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 53952] Add support for TLS 1.1 and 1.2
https://issues.apache.org/bugzilla/show_bug.cgi?id=53952 Ralf Hauser hau...@acm.org changed: What|Removed |Added CC||hau...@acm.org --- Comment #26 from Ralf Hauser hau...@acm.org --- see also Bug 55537 -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Tagging Tomcat Native 1.1.28
Hi, I plan to tag Tomcat Native 1.1.28 later today and start RM process. Any objections, issues? Regards -- ^TM - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
