This is an automated email from the ASF dual-hosted git repository. markt-asf pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit fbcb561830c52e6dd440232174d02b7b980c6e30 Author: Mark Thomas <[email protected]> AuthorDate: Mon Apr 27 09:24:00 2026 +0100 Fix deprecation warnings --- java/org/apache/catalina/realm/MessageDigestCredentialHandler.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java b/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java index 2ce9e68901..eb79b3fbc4 100644 --- a/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java +++ b/java/org/apache/catalina/realm/MessageDigestCredentialHandler.java @@ -28,6 +28,7 @@ import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.buf.B2CConverter; import org.apache.tomcat.util.buf.HexUtils; import org.apache.tomcat.util.security.ConcurrentMessageDigest; +import org.apache.tomcat.util.security.ConstantTime; /** * This credential handler supports the following forms of stored passwords: @@ -110,7 +111,7 @@ public class MessageDigestCredentialHandler extends DigestCredentialHandlerBase if (getAlgorithm() == null) { // No digests, compare directly - return DigestCredentialHandlerBase.equals(inputCredentials, storedCredentials, false); + return ConstantTime.equals(inputCredentials, storedCredentials, false); } else { // Some directories and databases prefix the password with the hash // type. The string is in a format compatible with Base64.encode not @@ -123,7 +124,7 @@ public class MessageDigestCredentialHandler extends DigestCredentialHandlerBase inputCredentials.getBytes(StandardCharsets.ISO_8859_1)); String base64UserDigest = Base64.getEncoder().encodeToString(userDigest); - return DigestCredentialHandlerBase.equals(base64UserDigest, base64ServerDigest, false); + return ConstantTime.equals(base64UserDigest, base64ServerDigest, false); } else if (storedCredentials.startsWith("{SSHA}")) { // "{SSHA}<sha-1 digest:20><salt:n>" // Need to convert the salt to bytes to apply it to the user's --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
