subject:"Re\: Tomcat unstable after updating apache http client"

Re: Tomcat unstable after updating apache http client

2017-10-05 Thread Konstantin Kolinko

2017-10-05 14:12 GMT+03:00 Alex O'Ree :
> I ran into a strange issue the other day.  Running tomcat 7.0.81. I have a
> war file with apache http client vs 4.3.3. I was having some issues with my
> code in the war and experimented with updating the http client to 4.5.3.
> The result was bizarre.
>
> Tomcat would start as normal but stop serving http requests after the first
> request.
>
> When running in the terminal,  I couldn't stop tomcat with ctrl c. I had to
> force close it with task mgr.
>
> Is this expected?

Such DoS triggered by a simple client request is a security concern,
as the load is not proportional to the size of request.
It'd be better to send specific details to security@, not a public list
http://tomcat.apache.org/security.html

1. Take a thread dump (better: 3 of them in a sequence). What is
really going on should be visible there,
https://wiki.apache.org/tomcat/FAQ/Troubleshooting_and_Diagnostics#Common_Troubleshooting_Scenario

2. Tomcat 7.0.82 was released a few days ago.

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat unstable after updating apache http client

2017-10-05 Thread Alex O'Ree

Ill see if I can make a test war they'd reduces it to the minium.

On Oct 5, 2017 8:04 AM, "Mark Thomas"  wrote:

On 05/10/17 12:12, Alex O'Ree wrote:
> I ran into a strange issue the other day.  Running tomcat 7.0.81. I have a
> war file with apache http client vs 4.3.3. I was having some issues with
my
> code in the war and experimented with updating the http client to 4.5.3.
> The result was bizarre.
>
> Tomcat would start as normal but stop serving http requests after the
first
> request.
>
> When running in the terminal,  I couldn't stop tomcat with ctrl c. I had
to
> force close it with task mgr.
>
> Is this expected?

No, not at all. Can you create a test war that demonstrates the issue?

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat unstable after updating apache http client

2017-10-05 Thread Mark Thomas

On 05/10/17 12:12, Alex O'Ree wrote:
> I ran into a strange issue the other day.  Running tomcat 7.0.81. I have a
> war file with apache http client vs 4.3.3. I was having some issues with my
> code in the war and experimented with updating the http client to 4.5.3.
> The result was bizarre.
> 
> Tomcat would start as normal but stop serving http requests after the first
> request.
> 
> When running in the terminal,  I couldn't stop tomcat with ctrl c. I had to
> force close it with task mgr.
> 
> Is this expected?

No, not at all. Can you create a test war that demonstrates the issue?

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Tomcat unstable after updating apache http client

Re: Tomcat unstable after updating apache http client

Re: Tomcat unstable after updating apache http client

3 matches

Site Navigation

Mail list logo

Footer information