yoavs 2004/12/09 05:53:00 Modified: catalina/src/share/org/apache/catalina/realm Tag: TOMCAT_5_0 RealmBase.java webapps/docs Tag: TOMCAT_5_0 changelog.xml Log: Bugzilla 32137. Revision Changes Path No revision No revision 1.33.2.3 +12 -21 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java Index: RealmBase.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v retrieving revision 1.33.2.2 retrieving revision 1.33.2.3 diff -u -r1.33.2.2 -r1.33.2.3 --- RealmBase.java 27 Oct 2004 16:26:18 -0000 1.33.2.2 +++ RealmBase.java 9 Dec 2004 13:52:59 -0000 1.33.2.3 @@ -346,22 +346,6 @@ String nOnce, String nc, String cnonce, String qop, String realm, String md5a2) { - - /* - System.out.println("Digest : " + clientDigest); - - System.out.println("************ Digest info"); - System.out.println("Username:" + username); - System.out.println("ClientSigest:" + clientDigest); - System.out.println("nOnce:" + nOnce); - System.out.println("nc:" + nc); - System.out.println("cnonce:" + cnonce); - System.out.println("qop:" + qop); - System.out.println("realm:" + realm); - System.out.println("md5a2:" + md5a2); - */ - - String md5a1 = getDigest(username, realm); if (md5a1 == null) return null; @@ -380,8 +364,11 @@ } } - String serverDigest = - md5Encoder.encode(md5Helper.digest(valueBytes)); + String serverDigest = null; + // Bugzilla 32137 + synchronized(md5Helper) { + serverDigest = md5Encoder.encode(md5Helper.digest(valueBytes)); + } if (serverDigest.equals(clientDigest)) return getPrincipal(username); @@ -1105,8 +1092,12 @@ } } - byte[] digest = - md5Helper.digest(valueBytes); + byte[] digest = null; + // Bugzilla 32137 + synchornized(md5Helper) { + digest = md5Helper.digest(valueBytes); + } + return md5Encoder.encode(digest); } No revision No revision 1.70.2.90 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml Index: changelog.xml =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v retrieving revision 1.70.2.89 retrieving revision 1.70.2.90 diff -u -r1.70.2.89 -r1.70.2.90 --- changelog.xml 9 Dec 2004 13:46:54 -0000 1.70.2.89 +++ changelog.xml 9 Dec 2004 13:52:59 -0000 1.70.2.90 @@ -40,6 +40,9 @@ <fix> <bug>32502</bug>: Memory leak in DigestAuthenticator. (yoavs) </fix> + <fix> + <bug>32137</bug>: Possible thread-safety issue in RealmBase. (yoavs) + </fix> </changelog> </subsection>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]