yoavs 2004/12/09 05:56:35
Modified: catalina/src/share/org/apache/catalina/realm RealmBase.java
webapps/docs changelog.xml
Log:
Bugzilla 32137.
Revision Changes Path
1.44 +11 -5
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java
Index: RealmBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/RealmBase.java,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- RealmBase.java 27 Oct 2004 16:38:41 -0000 1.43
+++ RealmBase.java 9 Dec 2004 13:56:35 -0000 1.44
@@ -351,8 +351,11 @@
}
}
- String serverDigest =
- md5Encoder.encode(md5Helper.digest(valueBytes));
+ String serverDigest = null;
+ // Bugzilla 32137
+ synchronized(md5Helper) {
+ serverDigest = md5Encoder.encode(md5Helper.digest(valueBytes));
+ }
if (log.isDebugEnabled()) {
log.debug("Digest : " + clientDigest + " Username:" + username
@@ -1092,8 +1095,11 @@
}
}
- byte[] digest =
- md5Helper.digest(valueBytes);
+ byte[] digest = null;
+ // Bugzilla 32137
+ synchronized(md5Helper) {
+ digest = md5Helper.digest(valueBytes);
+ }
return md5Encoder.encode(digest);
}
1.202 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index: changelog.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -r1.201 -r1.202
--- changelog.xml 9 Dec 2004 13:45:24 -0000 1.201
+++ changelog.xml 9 Dec 2004 13:56:35 -0000 1.202
@@ -55,6 +55,9 @@
<fix>
<bug>28709</bug>:
javax.servlet.http.HttpServletRequest.isRequestedSessionIdValid() returns true
for an invalidated session. (luehe)
</fix>
+ <fix>
+ <bug>32137</bug>: Possible thread-safety issue in RealmBase. (yoavs)
+ </fix>
</changelog>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
