Issue with digest authentication (bug with expired nonce?)
Joe Orton
joe at manyfish.co.uk
Tue Jul 21 06:02:00 EDT 2009
On Tue, Jul 21, 2009 at 11:02:20AM +0200, Helge Heß wrote:
> On 20.07.2009, at 18:12, Joe Orton wrote:
>> What's the session error string set to at the point NE_AUTH is
>> returned?
>
> "Could not authenticate to server: initial Digest challenge was stale"
Ah, thanks, I see the bug. The stale=true handling presumes you're
doing 2617-style Digest, but this is 2069-style. Here's the fix:
Index: src/ne_auth.c
===================================================================
--- src/ne_auth.c (revision 1674)
+++ src/ne_auth.c (working copy)
@@ -776,7 +776,7 @@
challenge_error(errmsg, _("missing parameter in Digest challenge"));
return -1;
}
- else if (parms->stale && sess->nonce_count == 0) {
+ else if (parms->stale && sess->realm == NULL) {
challenge_error(errmsg, _("initial Digest challenge was stale"));
return -1;
}
More information about the neon
mailing list