Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:Test
libtcnative-1-0
apache-tomcat-CVE-2009-0580.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache-tomcat-CVE-2009-0580.patch of Package libtcnative-1-0
Index: apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/DataSourceRealm.java =================================================================== --- apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/DataSourceRealm.java.orig 2008-01-28 23:41:08.000000000 +0100 +++ apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/DataSourceRealm.java 2009-06-08 11:45:14.240843648 +0200 @@ -270,8 +270,9 @@ */ public Principal authenticate(String username, String credentials) { - // No user - can't possibly authenticate, don't bother the database then - if (username == null) { + // No user or no credentials + // Can't possibly authenticate, don't bother the database then + if (username == null || credentials == null) { return null; } Index: apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/JDBCRealm.java =================================================================== --- apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/JDBCRealm.java.orig 2008-01-28 23:41:08.000000000 +0100 +++ apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/JDBCRealm.java 2009-06-08 11:45:14.240843648 +0200 @@ -392,9 +392,10 @@ String username, String credentials) { - // No user - can't possibly authenticate - if (username == null) { - return (null); + // No user or no credentials + // Can't possibly authenticate, don't bother the database then + if (username == null || credentials == null) { + return null; } // Look up the user's credentials Index: apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/MemoryRealm.java =================================================================== --- apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/MemoryRealm.java.orig 2008-01-28 23:41:10.000000000 +0100 +++ apache-tomcat-6.0.18-src/java/org/apache/catalina/realm/MemoryRealm.java 2009-06-08 11:45:14.272343962 +0200 @@ -148,7 +148,7 @@ (GenericPrincipal) principals.get(username); boolean validated = false; - if (principal != null) { + if (principal != null && credentials != null) { if (hasMessageDigest()) { // Hex hashes should be compared case-insensitive validated = (digest(credentials)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor