cvs commit: jakarta-tomcat-catalina/webapps/docs changelog.xml

Wed, 08 Dec 2004 07:50:23 -0800 

yoavs       2004/12/08 07:48:28

  Modified:    catalina/src/share/org/apache/catalina/authenticator
                        DigestAuthenticator.java
               webapps/docs changelog.xml
  Log:
  Bugzilla 32502: memory leak in DigestAuthenticator.
  
  Revision  Changes    Path
  1.13      +1 -45     
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java
  
  Index: DigestAuthenticator.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/authenticator/DigestAuthenticator.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- DigestAuthenticator.java  12 Nov 2004 10:21:41 -0000      1.12
  +++ DigestAuthenticator.java  8 Dec 2004 15:48:27 -0000       1.13
  @@ -54,25 +54,6 @@
   
       // -------------------------------------------------------------- 
Constants
   
  -
  -    /**
  -     * Indicates that no once tokens are used only once.
  -     */
  -    protected static final int USE_ONCE = 1;
  -
  -
  -    /**
  -     * Indicates that no once tokens are used only once.
  -     */
  -    protected static final int USE_NEVER_EXPIRES = Integer.MAX_VALUE;
  -
  -
  -    /**
  -     * Indicates that no once tokens are used only once.
  -     */
  -    protected static final int TIMEOUT_INFINITE = Integer.MAX_VALUE;
  -
  -
       /**
        * The MD5 helper object for this class.
        */
  @@ -111,28 +92,6 @@
   
   
       /**
  -     * No once hashtable.
  -     */
  -    protected Hashtable nOnceTokens = new Hashtable();
  -
  -
  -    /**
  -     * No once expiration (in millisecond). A shorter amount would mean a
  -     * better security level (since the token is generated more often), but 
at
  -     * the expense of a bigger server overhead.
  -     */
  -    protected long nOnceTimeout = TIMEOUT_INFINITE;
  -
  -
  -    /**
  -     * No once expiration after a specified number of uses. A lower number
  -     * would produce more overhead, since a token would have to be generated
  -     * more often, but would be more secure.
  -     */
  -    protected int nOnceUses = USE_ONCE;
  -
  -
  -    /**
        * Private key.
        */
       protected String key = "Catalina";
  @@ -405,9 +364,6 @@
               buffer = md5Helper.digest(nOnceValue.getBytes());
           }
           nOnceValue = md5Encoder.encode(buffer);
  -
  -        // Updating the value in the no once hashtable
  -        nOnceTokens.put(nOnceValue, new Long(currentTime + nOnceTimeout));
   
           return nOnceValue;
       }
  
  
  
  1.198     +3 -0      jakarta-tomcat-catalina/webapps/docs/changelog.xml
  
  Index: changelog.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v
  retrieving revision 1.197
  retrieving revision 1.198
  diff -u -r1.197 -r1.198
  --- changelog.xml     7 Dec 2004 17:05:43 -0000       1.197
  +++ changelog.xml     8 Dec 2004 15:48:28 -0000       1.198
  @@ -46,6 +46,9 @@
         <fix>
           Decouple usage of the scheme and secure attributes from enabling 
SSL. (remm)
         </fix>
  +      <fix>
  +        <bug>32502: memory leak in DigestAuthenticator. (yoavs)
  +      </fix>
       </changelog>
     </subsection>
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to