tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 48236] another workaround for CVE-2009-3555 for the BIO connector
Date Fri, 20 Nov 2009 09:48:54 GMT

--- Comment #5 from Mark Thomas <> 2009-11-20 01:48:50 GMT ---
Nothing formal, and the nature of the tests is such it might take a little
longer than usual to set up something with the Tomcat JUnit tests.

My testing uses a simple webapp that uses CLIENT-CERT and has one JSP that is
protected by a security constraint.

To test client renegotiation, I use openssl s_client and the R command
To test server renegotiation, I use Firefox or IE and browse between the Tomcat
homepage and the protected page.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message