tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator DigestAuthenticator.java
Date Fri, 12 Nov 2004 10:21:42 GMT
remm        2004/11/12 02:21:41

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        DigestAuthenticator.java
  Log:
  - Bug 32137: Use of MessageDigest should be synced.
  
  Revision  Changes    Path
  1.12      +14 -6     jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java
  
  Index: DigestAuthenticator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- DigestAuthenticator.java	15 Aug 2004 15:48:59 -0000	1.11
  +++ DigestAuthenticator.java	12 Nov 2004 10:21:41 -0000	1.12
  @@ -313,7 +313,11 @@
           String a2 = method + ":" + uri;
           //System.out.println("A2:" + a2);
   
  -        String md5a2 = md5Encoder.encode(md5Helper.digest(a2.getBytes()));
  +        byte[] buffer = null;
  +        synchronized (md5Helper) {
  +            buffer = md5Helper.digest(a2.getBytes());
  +        }
  +        String md5a2 = md5Encoder.encode(buffer);
   
           return (realm.authenticate(userName, response, nOnce, nc, cnonce, qop,
                                      realmName, md5a2));
  @@ -396,7 +400,10 @@
           String nOnceValue = request.getRemoteAddr() + ":" +
               currentTime + ":" + key;
   
  -        byte[] buffer = md5Helper.digest(nOnceValue.getBytes());
  +        byte[] buffer = null;
  +        synchronized (md5Helper) {
  +            buffer = md5Helper.digest(nOnceValue.getBytes());
  +        }
           nOnceValue = md5Encoder.encode(buffer);
   
           // Updating the value in the no once hashtable
  @@ -444,13 +451,14 @@
               realmName = request.getServerName() + ":"
                   + request.getServerPort();
   
  -        byte[] buffer = md5Helper.digest(nOnce.getBytes());
  +        byte[] buffer = null;
  +        synchronized (md5Helper) {
  +            buffer = md5Helper.digest(nOnce.getBytes());
  +        }
   
           String authenticateHeader = "Digest realm=\"" + realmName + "\", "
               +  "qop=\"auth\", nonce=\"" + nOnce + "\", " + "opaque=\""
               + md5Encoder.encode(buffer) + "\"";
  -        // System.out.println("Authenticate header value : "
  -        //                   + authenticateHeader);
           response.setHeader("WWW-Authenticate", authenticateHeader);
   
       }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message