https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #25 from Ralf Hauser ---
see also bug 53481 for SSLHonorCipherOrder (alias for the honorCipherOrder) as
per
http://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support_-_SSLHostConfig
somehow with the current debian stable
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
Ognjen Blagojevic changed:
What|Removed |Added
Status|RESOLVED|CLOSED
--
You are receiving this
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #24 from Ognjen Blagojevic ---
7.0.61 works as expected. Thank you.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
Violeta Georgieva changed:
What|Removed |Added
Resolution|--- |FIXED
Status|REOPENED
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #22 from Ognjen Blagojevic ---
Created attachment 32611
--> https://bz.apache.org/bugzilla/attachment.cgi?id=32611&action=edit
Patch to add setters for SSLParameters
--
You are receiving this mail because:
You are the assignee f
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
Ognjen Blagojevic changed:
What|Removed |Added
Resolution|FIXED |---
Status|RESOLVED
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
Christopher Schultz changed:
What|Removed |Added
Resolution|--- |FIXED
Status|NEW
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #19 from Christopher Schultz ---
Support for BIO connector added in Tomcat 8.0.x in r1662632.
--
You are receiving this mail because:
You are the assignee for the bug.
-
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #18 from Christopher Schultz ---
Fixed in Tomcat 8.0.x in r1662627.
Will be in Tomcat 8.0.21.
--
You are receiving this mail because:
You are the assignee for the bug.
-
https://bz.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #17 from Christopher Schultz ---
Fixed in trunk in r1662614.
I'll start preparing a patch for Tomcat 8.
--
You are receiving this mail because:
You are the assignee for the bug.
--
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Ralf Hauser changed:
What|Removed |Added
CC||hau...@acm.org
--
You are receiving
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #16 from Ognjen Blagojevic ---
Created attachment 32407
--> https://issues.apache.org/bugzilla/attachment.cgi?id=32407&action=edit
Patch to add useServerCipherSuitesOrder to NIO and NIO2 connectors
--
You are receiving this
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Ognjen Blagojevic changed:
What|Removed |Added
Component|Connectors |Connectors
Version|
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #14 from Christopher Schultz ---
Ognjen, if you are still willing to produce a patch, consider writing it
against trunk, which will require Java 8 so won't need the reflection. If we
decide to back-port to Tomcat 8, the reflecti
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #13 from Ralf Hauser ---
getting as many clients to choose a forward-secret cipher even if their makers
didn't think of putting forward-secret ciphers highest priority is important in
today's world of massive eaves-dropping.
Pl
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Neale Rudd changed:
What|Removed |Added
CC||ne...@metawerx.net
--
You are receiv
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Jens Borgland changed:
What|Removed |Added
CC||jens.borgl...@gmail.com
--
You ar
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #12 from Christopher Schultz ---
(In reply to Ognjen Blagojevic from comment #4)
> No objections. Do I need to provide a new patch with the name you proposed?
If you like my suggestions above, you could make all 3 changes at on
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #11 from Christopher Schultz ---
Ognjen, I have a couple of further comments about your proposed patch. I'm
leaning towards adding this to Tomcat 8 but not back-porting unless there is
significant demand.
1. Most of the 2 confi
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Christopher Schultz changed:
What|Removed |Added
Summary|Add parameter |Add parameter
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #10 from Ognjen Blagojevic ---
(In reply to Remy Maucherat from comment #9)
> I still don't see why this should be added right now, the Java 8 support
> doesn't look good overall.
Because:
a. is is a useful security feature, a
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #9 from Remy Maucherat ---
Yes, the reflection code is ugly by design, it's not like it could look better
(although maybe it could use introspection util ?), but the logging shouldn't
be there (if some Java 8 features are to be
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #7 from Remy Maucherat ---
Ok, since you asked for it, here's a review:
- I don't think this feature justifies a big blob of ugly code, so this should
wait for Java 8.
- Regardless of what APR may or may not do, it should be a b
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #8 from Christopher Schultz ---
(In reply to Remy Maucherat from comment #7)
> Ok, since you asked for it, here's a review:
> - I don't think this feature justifies a big blob of ugly code, so this
> should wait for Java 8.
I'm
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #6 from Ognjen Blagojevic ---
Just a gentle reminder. If you have some free time to review the patch, it
would be great.
--
You are receiving this mail because:
You are the assignee for the bug.
--
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #5 from Christopher Schultz ---
Not necessary.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubs
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #4 from Ognjen Blagojevic ---
(In reply to Christopher Schultz from comment #3)
> I would, however, prefer to make the configuration option
> more clear to the user like "useServerCipherSuitesOrder"... as it stands,
> the option
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #3 from Christopher Schultz ---
APR connector has the "SSLHonorCipherOrder" attribute. Tomcat has a history of
using different SSL-configuration attributes for APR versus other connector
types. I would, however, prefer to make t
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
Ognjen Blagojevic changed:
What|Removed |Added
Attachment #31198|0 |1
is obsolete|
https://issues.apache.org/bugzilla/show_bug.cgi?id=55988
--- Comment #1 from Ognjen Blagojevic ---
Created attachment 31198
--> https://issues.apache.org/bugzilla/attachment.cgi?id=31198&action=edit
Proof of concept patch
Here is initial patch to prove the concept. This patch will always try t
30 matches
Mail list logo
