You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by kw...@apache.org on 2016/02/15 18:44:43 UTC
svn commit: r1730578 -
/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
Author: kwall
Date: Mon Feb 15 17:44:43 2016
New Revision: 1730578
URL: http://svn.apache.org/viewvc?rev=1730578&view=rev
Log:
QPID-7067: Use try/finally to guarantee that _doNotCreateStoredPasswordBecauseItIsBeingUpgraded can never be left set
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java?rev=1730578&r1=1730577&r2=1730578&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/AbstractScramAuthenticationManager.java Mon Feb 15 17:44:43 2016
@@ -174,9 +174,7 @@ public abstract class AbstractScramAuthe
+ DatatypeConverter.printBase64Binary(storedKey) + ","
+ DatatypeConverter.printBase64Binary(serverKey) + ","
+ oldDefaultIterationCount;
- _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = true;
- user.setPassword(password);
- _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = false;
+ upgradeUserPassword(user, password);
}
catch (NoSuchAlgorithmException e)
{
@@ -190,9 +188,7 @@ public abstract class AbstractScramAuthe
+ passwordFields[PasswordField.STORED_KEY.ordinal()] + ","
+ passwordFields[PasswordField.SERVER_KEY.ordinal()] + ","
+ oldDefaultIterationCount;
- _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = true;
- user.setPassword(password);
- _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = false;
+ upgradeUserPassword(user, password);
}
else if (passwordFields.length != 5)
{
@@ -200,6 +196,19 @@ public abstract class AbstractScramAuthe
}
}
+ private void upgradeUserPassword(final ManagedUser user, final String password)
+ {
+ try
+ {
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = true;
+ user.setPassword(password);
+ }
+ finally
+ {
+ _doNotCreateStoredPasswordBecauseItIsBeingUpgraded = false;
+ }
+ }
+
private byte[] createSaltedPassword(byte[] salt, String password, int iterationCount)
{
Mac mac = createShaHmac(password.getBytes(ASCII));
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org