Re: Configuring Tomcat to support TLSv1.2

2016-06-21 19:08 GMT-04:00 Joleen Barker : > Hello Daniel, > > Thank you for your replies. > > Yes, I have the Java build 1.7.0_71 installed and I have the Unlimited > security package installed as the application from the vendor requires it. > > Ok, you say never to edit

RE: CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability

What about 8.5.x branch? Is that also affected. And I am not able to see this update on Tomcat security page. Any reasons for that? Regards, Chinoy -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: Tuesday, June 21, 2016 3:23 PM To: users@tomcat.apache.org;

Re: Configuring Tomcat to support TLSv1.2

Hello Daniel, Thank you for your replies. Yes, I have the Java build 1.7.0_71 installed and I have the Unlimited security package installed as the application from the vendor requires it. Ok, you say never to edit the catalina,sh. I can change it back. The settings originally was

Re: Configuring Tomcat to support TLSv1.2

2016-06-21 14:12 GMT-04:00 Joleen Barker : > Hello Tomcat friends, > > I am looking for some understanding on what is happening in my environment > to make sure I am not missing anything in my settings. > > Basics: > 1) OS is GNU/Linux > 2) Java is JDK v1.7 > 3) Tomcat 7

Re: How to force keystoreFile and truststoreFile to be absolute paths

Gerald, On 6/21/2016 11:03 AM, Miller, Gerald wrote: > I'm seeing errors from attempts to append uncorrected paths (e.g., > C:\out\) and corrected ones (e.g., ~/out/) onto some arbitrary path. > Assuming a relative path in a case like this makes about as much > sense as using relative branching

RE: How to force keystoreFile and truststoreFile to be absolute paths

Now that I think about it, this is probably a classpath issue. Nice to have when it works, but a royal pain the rest of the time. From: Miller, Gerald Sent: Tuesday, June 21, 2016 2:04 PM To: 'users@tomcat.apache.org' Subject: How to force keystoreFile and

Configuring Tomcat to support TLSv1.2

Hello Tomcat friends, I am looking for some understanding on what is happening in my environment to make sure I am not missing anything in my settings. Basics: 1) OS is GNU/Linux 2) Java is JDK v1.7 3) Tomcat 7 First, this question has come up because we needed to allow TLSv1.2 connections to

How to force keystoreFile and truststoreFile to be absolute paths

I'm seeing errors from attempts to append uncorrected paths (e.g., C:\out\) and corrected ones (e.g., ~/out/) onto some arbitrary path. Assuming a relative path in a case like this makes about as much sense as using relative branching in non-relocatable code. I've wasted hours trying to get

Re: Http2UpgradeHandler error

On 21/06/2016 14:52, Mark Thomas wrote: > On 21/06/2016 14:43, Andrei Ivanov wrote: >> 21-Jun-2016 13:38:41.122 FINE [https-openssl-apr-8443-exec-6] >> org.apache.tomcat.util.net.AprEndpoint$AprSocketWrapper.fillReadBuffer >> An APR general error was returned by the SSL read operation on >>

Re: Memory problems caused by the messageBufferText CharBuffer in WSFrameBase.java

On 21/06/2016 15:52, Afaf Zahkya wrote: > Hello, > > I m using tomcat 8.0.21. > > I want to send *up* to 4 MB of text messages through a websocket connection > to my tomcat server. I set the MaxTextMessageBufferSize to 4 MB.Now as a > result, every time I open a websocket connection and I send

Memory problems caused by the messageBufferText CharBuffer in WSFrameBase.java

Hello, I m using tomcat 8.0.21. I want to send *up* to 4 MB of text messages through a websocket connection to my tomcat server. I set the MaxTextMessageBufferSize to 4 MB.Now as a result, every time I open a websocket connection and I send a message , I can see that 4 MB are being allocated

Re: Http2UpgradeHandler error

On Tue, Jun 21, 2016 at 4:52 PM, Mark Thomas wrote: > On 21/06/2016 14:43, Andrei Ivanov wrote: >> On Tue, Jun 21, 2016 at 4:01 PM, Mark Thomas wrote: >>> On 21/06/2016 13:43, Mark Thomas wrote: >>> I'll take a look at the code and see if I can figure out

Re: Http2UpgradeHandler error

On 21/06/2016 14:43, Andrei Ivanov wrote: > On Tue, Jun 21, 2016 at 4:01 PM, Mark Thomas wrote: >> On 21/06/2016 13:43, Mark Thomas wrote: >> >>> I'll take a look at the code and see if I can figure out how this is >>> happening. Are you able to build 8.5.x from source to test

Re: Http2UpgradeHandler error

On Tue, Jun 21, 2016 at 4:01 PM, Mark Thomas wrote: > On 21/06/2016 13:43, Mark Thomas wrote: > >> I'll take a look at the code and see if I can figure out how this is >> happening. Are you able to build 8.5.x from source to test any changes I >> might make? If all it needs is a

Tomcat 7 performance tuning take full advantage of hardware

Hi, I had done some stress tests on Apache Tomcat/7.0.47 and found that tomcat didn't taken full advantage of hardware resources.I had used Apache Benchmark tool(ab) to do benckmark,and then monitor the jvm instance of tomcat via jvisualvm.In the benchmark,I just test the response time of

Re: Http2UpgradeHandler error

On 21/06/2016 13:43, Mark Thomas wrote: > I'll take a look at the code and see if I can figure out how this is > happening. Are you able to build 8.5.x from source to test any changes I > might make? I have a theory which can be proved/disproved with some extra logging. First, please add the

Re: Http2UpgradeHandler error

On 21/06/2016 12:31, Andrei Ivanov wrote: > Hello, > Trying to upgrade from 8.0.35 to 8.5.3 (on Win 7 and JDK > 1.8.0_92-b14), I ran into this error, using Firefox 47: > > 21-Jun-2016 11:13:01.689 SEVERE [https-openssl-apr-8443-exec-5] >

Re: Http2UpgradeHandler error

2016-06-21 13:31 GMT+02:00 Andrei Ivanov : > Hello, > Trying to upgrade from 8.0.35 to 8.5.3 (on Win 7 and JDK > 1.8.0_92-b14), I ran into this error, using Firefox 47: > > Try not using the APR connector, for starters, your platform isn't the best for it IMO. Rémy

Http2UpgradeHandler error

Hello, Trying to upgrade from 8.0.35 to 8.5.3 (on Win 7 and JDK 1.8.0_92-b14), I ran into this error, using Firefox 47: 21-Jun-2016 11:13:01.689 SEVERE [https-openssl-apr-8443-exec-5] org.apache.coyote.AbstractProtocol$ConnectionHandler.process Error reading request, ignored

Re: CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability

Thanks for forwarding. I hope, that everything is alright with the announcement? On Tue, Jun 21, 2016 at 11:53 AM, Mark Thomas wrote: > > Original Message > From: Jochen Wiedmann > Sent: 21 June 2016 10:18:15 BST > To:

Re: mod JK ho to rout all content to tomcat except for a few static folders

I am so sorry. You are correct. Lance Sent from my iPhone > On Jun 20, 2016, at 12:13 PM, Rainer Jung wrote: > >> Am 20.06.2016 um 18:32 schrieb Campbell, Lance: >> Neither of these options will work for me: >> 1) no-jk is only supported for: "Starting with mod_jk

Fwd: CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability

Original Message From: Jochen Wiedmann Sent: 21 June 2016 10:18:15 BST To: priv...@commons.apache.org, "secur...@apache.org" , Tomcat Security List , annou...@apache.org, Apache Commons Developers

Incorrect request processing times in server status

Hello list, On a new tomcat installation I am noticing extremely high values for request processing times being reported by the server status page. Even if I restart tomcat and start sending requests again, the request processing time again shows extremely high values for a few requests. I have

[ANN] Apache Tomcat 7.0.70 released

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.70. Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. This release contains a number of bug fixes and

Re: session-timeout and maxInactiveInterval

On 21/06/2016 03:54, mw...@loftware.com wrote: > > >> -Original Message- >> From: Mark Thomas [mailto:ma...@apache.org] >> Sent: Monday, June 20, 2016 11:32 AM >> To: Tomcat Users List >> Subject: Re: session-timeout and maxInactiveInterval >> >> On 20/06/2016