svn commit: r1434688 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/catalina/realm/RealmBase.java webapps/docs/changelog.xml

Thu, 17 Jan 2013 06:34:02 -0800 

Author: markt
Date: Thu Jan 17 14:33:29 2013
New Revision: 1434688

URL: http://svn.apache.org/viewvc?rev=1434688&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54438
Fix a regression in the fix for BZ 52953 that triggered a NPE when digested 
passwords were used and an authentication attempt was made for a user that did 
not exist in the realm.

Modified:
    tomcat/tc7.0.x/trunk/   (props changed)
    tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
    tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
  Merged /tomcat/trunk:r1434685

Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1434688&r1=1434687&r2=1434688&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java 
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java Thu Jan 
17 14:33:29 2013
@@ -406,9 +406,10 @@ public abstract class RealmBase extends 
                                   String md5a2) {
 
         // In digest auth, digests are always lower case
-        String md5a1 = getDigest(username, realm).toLowerCase(Locale.ENGLISH);
+        String md5a1 = getDigest(username, realm);
         if (md5a1 == null)
             return null;
+        md5a1 = md5a1.toLowerCase(Locale.ENGLISH);
         String serverDigestValue;
         if (qop == null) {
             serverDigestValue = md5a1 + ":" + nonce + ":" + md5a2;

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1434688&r1=1434687&r2=1434688&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Thu Jan 17 14:33:29 2013
@@ -65,6 +65,11 @@
         are supported - new behaviour is to warn and explicitly enable no
         options. (timw)
       </fix>
+      <fix>
+        <bug>54438</bug>: Fix a regression in the fix for <bug>52953</bug> that
+        triggered a NPE when digested passwords were used and an authentication
+        attempt was made for a user that did not exist in the realm. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to