This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new fb25e90834 Remove unnecessary code now qop is required
fb25e90834 is described below
commit fb25e908340cffd27aab64a78115969772afcd9c
Author: Mark Thomas <[email protected]>
AuthorDate: Wed Jun 24 16:43:24 2026 +0100
Remove unnecessary code now qop is required
---
java/org/apache/catalina/authenticator/DigestAuthenticator.java | 3 +--
java/org/apache/catalina/realm/RealmBase.java | 8 ++------
2 files changed, 3 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
index 0f1b39fbfe..c08bc69224 100644
--- a/java/org/apache/catalina/authenticator/DigestAuthenticator.java
+++ b/java/org/apache/catalina/authenticator/DigestAuthenticator.java
@@ -630,8 +630,7 @@ public class DigestAuthenticator extends AuthenticatorBase {
* @return {@code true} if validation succeeded
*/
public boolean validate(Request request, List<AuthDigest> algorithms) {
- if ((userName == null) || (realmName == null) || (nonce == null)
|| (uri == null) || (response == null) ||
- qop == null) {
+ if ((userName == null) || (realmName == null) || (nonce == null)
|| (uri == null) || (response == null)) {
return false;
}
diff --git a/java/org/apache/catalina/realm/RealmBase.java
b/java/org/apache/catalina/realm/RealmBase.java
index 4112b2b037..238dcfc1df 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -424,12 +424,8 @@ public abstract class RealmBase extends LifecycleMBeanBase
implements Realm {
return null;
}
digestA1 = digestA1.toLowerCase(Locale.ENGLISH);
- String serverDigestValue;
- if (qop == null) {
- serverDigestValue = digestA1 + ":" + nonce + ":" + digestA2;
- } else {
- serverDigestValue = digestA1 + ":" + nonce + ":" + nc + ":" +
cnonce + ":" + qop + ":" + digestA2;
- }
+ // No explicit test for qop == null since the digest will fail anyway
in that case
+ String serverDigestValue = digestA1 + ":" + nonce + ":" + nc + ":" +
cnonce + ":" + qop + ":" + digestA2;
byte[] valueBytes;
try {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
