Re: ERR_SPDY_COMPRESSION_ERROR

Hi, Any pointers please? Thanks, Durga Srinivasu On Wed, Dec 14, 2016 at 10:15 PM, Durga Srinivasu Karuturi < durgasriniv...@gmail.com> wrote: > Hi, > > Recent chrome [Mac - Sierra : Version 55.0.2883.87 (64-bit) ] we are seeing > issues in http2 sites. > > > Ini

Chrome 55 - ERR_SPDY_COMPRESSION_ERROR

Hi, Recent chrome [Mac - Sierra : Version 55.0.2883.87 (64-bit) ] we are seeing issues in http2 sites. Initially we have seen problem with http2 table header size limit error and to fix this, we have upgraded tomcat 8.5.4 to 8.5.9 where tomcat has increased the header limit from 16K to 64K.

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

wrote: > yes.. started download.. hadnt waited to complete. > > Sent from BlueMail ​ > > On 19 Dec 2016, 3:27 p.m., at 3:27 p.m., Durga Srinivasu Karuturi < > durgasriniv...@gmail.com> wrote: > >Mark, > > > >Looks like tar/zip attachments are getting r

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Hi, We are stuck with this issue. Is this locally reproducible with sample web-app? Thanks, Durga Srinvasu On Tue, Dec 20, 2016 at 11:26 AM, Durga Srinivasu Karuturi < durgasriniv...@gmail.com> wrote: > Its ~5MB file (ROOT app tar bundle). > > I hope the information, which i

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Mark, Looks like tar/zip attachments are getting removed. Uploaded same in google drive now. Please let me know if you can access the same or not. https://drive.google.com/open?id=0B1OzquDqWi6bVUN0MDk2RDFENG8 Thanks, Durga Srinivasu On Mon, Dec 19, 2016 at 3:21 PM, Durga Srinivasu Karuturi

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Mark, Thanks for the update! Thanks, Durga Srinivasu On Sat, Dec 24, 2016 at 6:47 PM, Mark Thomas <ma...@apache.org> wrote: > On 22/12/2016 12:58, Mark Thomas wrote: > > On 22 December 2016 10:16:18 GMT+00:00, Durga Srinivasu Karuturi < > durgasriniv...@gmai

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Mark, Thanks for the fix! We will use 8.5.10 once it is available. Thanks, Durga Srinivasu On Sat, Dec 24, 2016 at 11:33 PM, Mark Thomas <ma...@apache.org> wrote: > On 24/12/2016 14:51, Durga Srinivasu Karuturi wrote: > > Mark, > > > > Thanks for the update! >

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Hi, Shall i raise a defect? Thanks, Durga Srinivasu On Wed, Dec 21, 2016 at 2:56 PM, Durga Srinivasu Karuturi < durgasriniv...@gmail.com> wrote: > Hi, > > We are stuck with this issue. > > Is this locally reproducible with sample web-app? > > Thanks, > Durga Srinv

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

"dojo/domReady!" ], function(declare, parser, aspect, has, xhr, domForm, domAttr, registry, domConstruct, do_hash){ parser.parse(); }); }); On Mon, Dec 19, 2016 at 4:09 PM, Mark Thomas <ma...@apache.org

Re: ERR_SPDY_COMPRESSION_ERROR (http2)

Do i need to post in any other forum? Thanks, Durga Srinivasu On Thu, Dec 15, 2016 at 6:41 PM, Durga Srinivasu Karuturi < durgasriniv...@gmail.com> wrote: > Hi, > > Any pointers please? > > Thanks, > Durga Srinivasu > > On Wed, Dec 14, 2016 at 10:15 PM, Durga Srin

Reg Sendfile Feature

Hi, We are trying to analyze two of the below CVEs related to tomcat sendfile feature. CVE-2017-5647 (Production tomcat 8.0.26) CVE-2017-5651(Current tomcat 8.5.12) We are enabling compression with NIO connector. As per docs, connector level by default sendfile is enabled and sendfile takes

Logging TLS Session Failures

Hi, We have a requirement in our application to log all TLS session failures. We are using Tomcat 8.5.11 using JSSE for SSL layer. Is there any way to configure tomcat to log/trace any TLS Failure on tomcat sessions? Thanks, Durga Srinivasu

Re: Logging TLS Session Failures

performance that's the reason, trying for any other optimal solution here. Thanks, Durga Srinivasu On Wed, Mar 8, 2017 at 8:10 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Durga, > > On 3/8/17 9:29 AM,

Re: Logging TLS Session Failures

This is one of the requirement from FIPS/CC certification. Thanks, Durga Srinivasu On Wed, Mar 8, 2017 at 11:03 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Durga, > > On 3/8/17 10:02 AM, Durga

Re: Logging TLS Session Failures

, 2017 at 3:44 PM, André Warnier (tomcat) <a...@ice-sa.com> wrote: > On 09.03.2017 09:34, Durga Srinivasu Karuturi wrote: > >> This is one of the requirement from FIPS/CC certification. >> >> Thanks, >> Durga Srinivasu >> >> > Durga, > > I

Re: Logging TLS Session Failures

g=ssl:handshake - but it > will log all sessions > > You could try to register a customized SSL socket factory in JSSE, you may > extend the default sun impl to overwrite the method, catch the exception > and log the failure, and throw it. > > 2017-03-09 20:04 GMT+08:00 Durg

Re: Reg CVE-2017-5664

No, we are using RHEL with embed tomcat running inside java. Thanks, Durga Srinivasu On Thu, Jun 22, 2017 at 10:03 PM, Emmanuel Bourg <ebo...@apache.org> wrote: > Le 22/06/2017 à 17:46, Durga Srinivasu Karuturi a écrit : > > > We are using tomcat 8.5.14. > > From Debia

Re: Reg CVE-2017-5664

Thanks mark. Checked Error Servlet, handled doGet() and doPost() only. doPost() internally calling doGet(). Yes for PUT/DELTE we are getting 405. Thanks, Durga Srinivasu On Fri, Jun 23, 2017 at 4:38 AM, Mark Thomas <ma...@apache.org> wrote: > On 22/06/17 16:46, Durga Srinivasu Karut

Reg CVE-2017-5664

Hi, We are using tomcat 8.5.14. As this CVE-2017-5664 is applicable for current tomcat version, we are trying to evaluate whethere this CVE is applicable to our web application or not. We have couple of JSP error pages. Tested those

Re: Latest JDT Compiler Issues.

gt; On 30/04/17 18:36, Durga Srinivasu Karuturi wrote: > > Hi, > > > > We have tried migrating tomcat from 8.5.11 --> 8.5.14 for latest security > > fixes and found our jasaperreports functionality is broken. > > > > > https://bugs.eclipse.org/bugs/show_bug

Latest JDT Compiler Issues.

Hi, We have tried migrating tomcat from 8.5.11 --> 8.5.14 for latest security fixes and found our jasaperreports functionality is broken. Reports compilation is failing with unresolved type errors even though all related jars are in classpath 1. java.util.ResourceBundle cannot be resolved to a