cURL / Mailing Lists / curl-library / Single Mail

curl-library

Bug in Curllib + solution

From: Source <source_at_stueben.com>
Date: Thu, 25 May 2006 10:53:40 +0200

Hello,

I found the Curl - and I like it. Now I had problems against a MS SNA
Server with DIGEST Authentication and I found an error in the implentation
of the md5-sess protocol (see rfc 2617 + errata 2617). When using the
md5-sess, the result was not Md5 encoded and Base64 transformed.

The right peace of code should be:

   if(d->algo == CURLDIGESTALGO_MD5SESS) {
     /* nonce and cnonce are OUTSIDE the hash */
     tmp = aprintf("%s:%s:%s", ha1, d->nonce, d->cnonce);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
     Curl_md5it(md5buf, tmp);
     free(tmp); /* free this again */
     md5_to_ascii(md5buf, ha1);
   }

Olaf
Received on 2006-05-25

This message: [ Message body ]
Next message: Source: "HTTP Digest Auth Error + solution"
Previous message: Michael Wallner: "Re: Patch: "SESS" special string for CURLOPT_COOKIELIST"
Next in thread: Source: "HTTP Digest Auth Error + solution"
Reply: Source: "HTTP Digest Auth Error + solution"
Reply: Daniel Stenberg: "Re: Bug in Curllib + solution"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]