https://issues.apache.org/bugzilla/show_bug.cgi?id=48236
Ralf Hauser changed:
What|Removed |Added
CC||more...@privasphere.com
--- Comment
This looks like it should work (haven't tested it yet), but hoping that
there are people that can test on non-Sun JVMs to see if there could be
problems. This patch is a little heavy on knowing how the JVM implements
things :(.
wrote in message
news:20091119220644.2d8f42388...@eris.apache.or
Author: markt
Date: Fri Nov 20 00:50:20 2009
New Revision: 882369
URL: http://svn.apache.org/viewvc?rev=882369&view=rev
Log:
Propose alternative fix
Modified:
tomcat/tc5.5.x/trunk/STATUS.txt
Modified: tomcat/tc5.5.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STA
Author: markt
Date: Fri Nov 20 00:50:06 2009
New Revision: 882368
URL: http://svn.apache.org/viewvc?rev=882368&view=rev
Log:
Propose alternative fix
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STA
Feedback / comments on the info below. I'd like to get it out to users@
and announce@ fairly soon.
Cheers,
Mark
===
Overview
Work on the root cause is progressing but is still in a state of flux.
The purpose of this update is provide inf
Author: markt
Date: Thu Nov 19 22:06:43 2009
New Revision: 882320
URL: http://svn.apache.org/viewvc?rev=882320&view=rev
Log:
Improve workaround for CVE-2009-3555
On the plus side, it doesn't rely on an async event to close the connection
On the down side, I haven't yet found a way to log client in
https://issues.apache.org/bugzilla/show_bug.cgi?id=48236
--- Comment #3 from Mark Thomas 2009-11-19 13:41:24 GMT ---
Testing has been positive. I ended up keeping the listener from the original
patch to log the handshake attempts. I'm not so concerned about the logging
being in a separate thread
https://issues.apache.org/bugzilla/show_bug.cgi?id=48236
Mark Thomas changed:
What|Removed |Added
CC||hau...@acm.org
--- Comment #2 from M
https://issues.apache.org/bugzilla/show_bug.cgi?id=48158
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
https://issues.apache.org/bugzilla/show_bug.cgi?id=48192
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
On 11/19/2009 08:39 PM, Daniel Ruggeri wrote:
All;
Hello. I have been using Tomcat and TCNative for quite a while now, but
have just now subscribed to this list so I may contribute a proposed
patch. Since I am new, please be patient if I'm doing things wrong -
I've RTFM, but that only goes so far
All;
Hello. I have been using Tomcat and TCNative for quite a while now,
but have just now subscribed to this list so I may contribute a
proposed patch. Since I am new, please be patient if I'm doing things
wrong - I've RTFM, but that only goes so far.
The attached patch adds dynamic loc
Author: markt
Date: Thu Nov 19 18:00:09 2009
New Revision: 882231
URL: http://svn.apache.org/viewvc?rev=882231&view=rev
Log:
Fix SSL for BIO post refactoring
Make attribute names consistent
Endpoints are now responsible for configuring the SSL "engine"
Basics work but still needs more testing
NIO
Author: markt
Date: Thu Nov 19 16:05:48 2009
New Revision: 882186
URL: http://svn.apache.org/viewvc?rev=882186&view=rev
Log:
Fix Eclipse warning
Modified:
tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Protocol.java
U
https://issues.apache.org/bugzilla/show_bug.cgi?id=48240
Summary: Tomcat-Lite missing @Override markers
Product: Tomcat 7
Version: trunk
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
https://issues.apache.org/bugzilla/show_bug.cgi?id=48239
Summary: HexUtils exposes public array
Product: Tomcat 7
Version: trunk
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
https://issues.apache.org/bugzilla/show_bug.cgi?id=48238
--- Comment #2 from Sebb 2009-11-19 07:45:11 UTC ---
Created an attachment (id=24566)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24566)
ByteChunk.length() => ByteChunk.getLength(); += @Override
--
Configure bugmail: https:
https://issues.apache.org/bugzilla/show_bug.cgi?id=48238
--- Comment #1 from Sebb 2009-11-19 07:43:54 UTC ---
Created an attachment (id=24565)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=24565)
Fix bug (sm not init); remove unnecessary casts
--
Configure bugmail: https://issues.a
https://issues.apache.org/bugzilla/show_bug.cgi?id=48238
Summary: Tomcat-lite won't compile
Product: Tomcat 7
Version: trunk
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Com
Author: markt
Date: Thu Nov 19 15:08:03 2009
New Revision: 882169
URL: http://svn.apache.org/viewvc?rev=882169&view=rev
Log:
Fix SSL config error as a result of attribute refactoring.
Modified:
tomcat/trunk/java/org/apache/catalina/connector/Connector.java
Modified: tomcat/trunk/java/org/apa
Author: markt
Date: Thu Nov 19 14:05:56 2009
New Revision: 882151
URL: http://svn.apache.org/viewvc?rev=882151&view=rev
Log:
Fix the Eclipse warnings - no functional change
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Modified:
tomcat/trunk/java/org/apa
Author: markt
Date: Thu Nov 19 14:01:27 2009
New Revision: 882148
URL: http://svn.apache.org/viewvc?rev=882148&view=rev
Log:
Remove unused code
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSE
https://issues.apache.org/bugzilla/show_bug.cgi?id=48236
--- Comment #1 from Mark Thomas 2009-11-19 05:44:36 GMT ---
Thanks for the alternative suggestion. I'll do some testign and if all looks
OK, change the way we disable the handshake.
--
Configure bugmail: https://issues.apache.org/bugzilla
https://issues.apache.org/bugzilla/show_bug.cgi?id=48236
Summary: another workaround for CVE-2009-3555 for the BIO
connector
Product: Tomcat 6
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
On 11/19/2009 09:41 AM, Henri Gomez wrote:
It works with the update tarball :
The updated tarball is now available at
http://tomcat.apache.org/dev/dist/tomcat-connectors/native/source/1.1.18/
Cheers
Jean-Frederic
-
To unsu
Author: jfclere
Date: Thu Nov 19 09:12:57 2009
New Revision: 882085
URL: http://svn.apache.org/viewvc?rev=882085&view=rev
Log:
Put back the old key.
Modified:
tomcat/native/branches/1.1.x/KEYS
Modified: tomcat/native/branches/1.1.x/KEYS
URL:
http://svn.apache.org/viewvc/tomcat/native/branch
It works with the update tarball :
I just used :
./configure --with-apr=/usr/bin
--with-java-home=/System/Library/Frameworks/JavaVM.framework/Versions/Current/
make
got :
total 2544
-rwxr-xr-x 1 henri staff 186280 19 nov 09:39 libtcnative-1.0.1.18.dylib
drwxr-xr-x 3 henri staff 102 1
On 11/19/2009 08:51 AM, Henri Gomez wrote:
did you run buildconf ?
jnirelease.sh should have done that...
Investigating...
I'm running SnowLeopard
I still have to update my box
Cheers
Jean-Frederic
2009/11/19 jean-frederic clere:
On 11/18/2009 09:43 PM, Henri Gomez wrote:
JF,
28 matches
Mail list logo
