You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2009/07/07 15:32:45 UTC
svn commit: r791829 - in /tomcat/tc6.0.x/trunk: ./ STATUS.txt
java/org/apache/catalina/realm/JNDIRealm.java webapps/docs/changelog.xml
Author: markt
Date: Tue Jul 7 13:32:45 2009
New Revision: 791829
URL: http://svn.apache.org/viewvc?rev=791829&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=37984
Strip {MD5} as well as {SHA} from digested passwords
Modified:
tomcat/tc6.0.x/trunk/ (props changed)
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc6.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Jul 7 13:32:45 2009
@@ -1 +1 @@
-/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,777464,77
7466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985
+/tomcat/trunk:601180,606992,612607,630314,640888,652744,653247,673796,673820,683982,684001,684081,684234,684269-684270,685177,687503,687645,689402,690781,691392,691805,692748,693378,694992,695053,695311,696780,696782,698012,698227,698236,698613,699427,699634,701355,709294,709811,709816,710063,710066,710125,710205,711126,711600,712461,712467,718360,719119,719124,719602,719626,719628,720046,720069,721040,721286,721708,721886,723404,723738,726052,727303,728032,728768,728947,729057,729567,729569,729571,729681,729809,729815,729934,730250,730590,731651,732859,732863,734734,740675,740684,742677,742697,742714,744160,744238,746321,746384,746425,747834,747863,748344,750258,750291,750921,751286-751287,751289,751295,753039,757335,757774,758365,758596,758616,758664,759074,761601,762868,762929,762936-762937,763166,763183,763193,763228,763262,763298,763302,763325,763599,763611,763654,763681,763706,764985,764997,765662,768335,769979,770716,770809,770876,776921,776924,776935,776945,777464,77
7466,777576,777625,778379,778523-778524,781528,781779,782145,782791,783316,783696,783724,783756,783762,783766,783863,783934,784453,784602,784614,785381,785688,785768,785859,786468,786487,786490,786496,786667,787627,787770,787985,790405
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=791829&r1=791828&r2=791829&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Jul 7 13:32:45 2009
@@ -124,12 +124,6 @@
+1: markt
-1:
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=37984
- Strip {MD5} as well as {SHA} from digested passwords
- http://svn.apache.org/viewvc?rev=790405&view=rev
- +1: markt, kkolinko, rjung
- -1:
-
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=47149
Explicitly specify encoding for the source files
http://people.apache.org/~kkolinko/patches/2009-07-04_tc6_encodings.patch
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java?rev=791829&r1=791828&r2=791829&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/JNDIRealm.java Tue Jul 7 13:32:45 2009
@@ -1206,10 +1206,10 @@
boolean validated = false;
if (hasMessageDigest()) {
- // iPlanet support if the values starts with {SHA1}
+ // Some directories prefix the password with the hash type
// The string is in a format compatible with Base64.encode not
// the Hex encoding of the parent class.
- if (password.startsWith("{SHA}")) {
+ if (password.startsWith("{MD5}") || password.startsWith("{SHA}")) {
/* sync since super.digest() does this same thing */
synchronized (this) {
password = password.substring(5);
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=791829&r1=791828&r2=791829&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Jul 7 13:32:45 2009
@@ -53,6 +53,10 @@
(markt)
</fix>
<fix>
+ <bug>37984</bug>: Strip {MD5} as well as {SHA} if present in digest
+ passwords in LDAP directories. (markt)
+ </fix>
+ <fix>
<bug>38352</bug>: Allow JSPs to write to the directory defined by
<code>javax.servlet.context.tempdir</code> when running under a security
manager. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org