Author: markt
Date: Tue Sep 9 09:09:17 2014
New Revision: 1623723
URL: http://svn.apache.org/r1623723
Log:
Deprecate md5Helper and switch to using ConcurrentMessageDigest
Reviewing the code, this also fixes a rare threading issue.
Modified:
tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java?rev=1623723&r1=1623722&r2=1623723&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/RealmBase.java Tue Sep 9
09:09:17 2014
@@ -55,6 +55,7 @@ import org.apache.tomcat.util.codec.bina
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.apache.tomcat.util.res.StringManager;
+import org.apache.tomcat.util.security.ConcurrentMessageDigest;
import org.apache.tomcat.util.security.MD5Encoder;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
@@ -109,7 +110,10 @@ public abstract class RealmBase extends
/**
* MD5 message digest provider.
+ *
+ * @deprecated Unused. Will be removed in Tomcat 9.0.x onwards.
*/
+ @Deprecated
protected static volatile MessageDigest md5Helper;
@@ -390,11 +394,7 @@ public abstract class RealmBase extends
throw new IllegalArgumentException(uee.getMessage());
}
- String serverDigest = null;
- // Bugzilla 32137
- synchronized(md5Helper) {
- serverDigest = MD5Encoder.encode(md5Helper.digest(valueBytes));
- }
+ String serverDigest =
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
if (log.isDebugEnabled()) {
log.debug("Digest : " + clientDigest + " Username:" + username
@@ -1211,15 +1211,6 @@ public abstract class RealmBase extends
* Return the digest associated with given principal's user name.
*/
protected String getDigest(String username, String realmName) {
- if (md5Helper == null) {
- try {
- md5Helper = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- log.error("Couldn't get MD5 digest: ", e);
- throw new IllegalStateException(e.getMessage());
- }
- }
-
if (hasMessageDigest()) {
// Use pre-generated digest
return getPassword(username);
@@ -1236,13 +1227,7 @@ public abstract class RealmBase extends
throw new IllegalArgumentException(uee.getMessage());
}
- byte[] digest;
- // Bugzilla 32137
- synchronized(md5Helper) {
- digest = md5Helper.digest(valueBytes);
- }
-
- return MD5Encoder.encode(digest);
+ return
MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(valueBytes));
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1623723&r1=1623722&r2=1623723&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Tue Sep 9 09:09:17 2014
@@ -122,7 +122,12 @@
is not running. (kfujino)
</fix>
<fix>
- Fix threading issue when locking resources via WebDAV. (markt)
+ Fix a rare threading issue when locking resources via WebDAV.
+ (markt)
+ </fix>
+ <fix>
+ Fix a rare threading issue when using HTTP digest authentication.
+ (markt)
</fix>
</changelog>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
