cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: {Disarmed} Re: Digest authentication fails

From: Andre Guibert de Bruet <andy_at_siliconlandmark.com>
Date: Wed, 27 Jun 2007 10:27:07 -0400

On Jun 27, 2007, at 9:36 AM, Georg Hubik wrote:

> Thanks Daniel,
>
> I've compiled the lastests curl, but the result is kind of the
> same. The authorisation fails again (based on the content of the
> obtained page). Please see the output:
>
> === Begin ===
> ./curl --digest -u 'adminr:admin' -v http://10.1.0.106/Login
> * About to connect() to 10.1.0.106 port 80 (#0)
> * Trying 10.1.0.106.. . connected
> * Connected to 10.1.0.106 (10.1.0.106) port 80 (#0)
> * Server auth using Digest with user 'admin'
> > GET /Login HTTP/1.1
> > User-Agent: curl/7.16.2 (i686-pc-linux-gnu) libcurl/7.16.2
> OpenSSL/0.9.7a zlib/1.2.1.1

This might not have anything to do with your Digest auth failure, but
your libs are *ancient*. In particular, OpenSSL 0.9.7a is ancient and
upgrading to 0.9.8e fixes not only security issues but also memory
leaks. zlib 1.2.1.1 has at least one well-publicized security
vulnerability and upgrading to 1.2.4 is advisable as well. Is there a
particular reason why you have avoided the 7.16.3 curl release?

Cheers,

/* Andre Guibert de Bruet * 6f43 6564 7020 656f 2e74 4220 7469 6a20 */
/* Code poet / Sysadmin * 636f 656b 2e79 5320 7379 6461 696d 2e6e */
/* GSM: +1 734 846 8758 * 5520 494e 2058 6c73 7565 6874 002e 0000 */
/* WWW: siliconlandmark.com * C/C++, Java, Perl, PHP, SQL, XHTML, XML */
Received on 2007-06-27