bug-wget
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers

From: Giuseppe Scrivano
Subject: Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers
Date: Fri, 12 Jul 2013 18:27:59 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux) 
Tim Rühsen <address@hidden> writes:

> we need a check in http.c:3759:
>     if (algorithm != NULL && ! strcmp (algorithm, "MD5-sess"))
>
> else we strcmp() with algorithm being NULL.
>
> That should do it.

I think the fix should be:

diff --git a/src/http.c b/src/http.c
index a693355..9f274dc 100644
--- a/src/http.c
+++ b/src/http.c
@@ -3703,7 +3703,8 @@ digest_authentication_encode (const char *au, const char 
*user,
   param_token name, value;
 
 
-  realm = opaque = nonce = qop = algorithm = NULL;
+  realm = opaque = nonce = qop = NULL;
+  algorithm = "MD5";
 
   au += 6;                      /* skip over `Digest' */
   while (extract_param (&au, &name, &value, ','))
@@ -3785,7 +3786,7 @@ digest_authentication_encode (const char *au, const char 
*user,
     md5_finish_ctx (&ctx, hash);
     dump_hash (a2buf, hash);
 
-    if (!strcmp(qop, "auth") || !strcmp (qop, "auth-int"))
+    if (qop && (!strcmp(qop, "auth") || !strcmp (qop, "auth-int")))
       {
         /* RFC 2617 Digest Access Authentication */
         /* generate random hex string */
@@ -3835,7 +3836,7 @@ digest_authentication_encode (const char *au, const char 
*user,
 
     res = xmalloc (res_size);
 
-    if (!strcmp(qop,"auth"))
+    if (qop && !strcmp (qop, "auth"))
       {
         res_len = snprintf (res, res_size, "Digest "\
                 "username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", 
response=\"%s\""\


Any complain?

Cheers,
Giuseppe
reply via email to
[Prev in Thread] Current Thread [Next in Thread]