tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 48236] another workaround for CVE-2009-3555 for the BIO connector
Date Fri, 20 Nov 2009 09:48:54 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=48236

--- Comment #5 from Mark Thomas <markt@apache.org> 2009-11-20 01:48:50 GMT ---
Nothing formal, and the nature of the tests is such it might take a little
longer than usual to set up something with the Tomcat JUnit tests.

My testing uses a simple webapp that uses CLIENT-CERT and has one JSP that is
protected by a security constraint.

To test client renegotiation, I use openssl s_client and the R command
To test server renegotiation, I use Firefox or IE and browse between the Tomcat
homepage and the protected page.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message