Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: http digest auth failed with libcurl 7.48.0
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Dan Fandrich via curl-library <curl-library_at_lists.haxx.se>
Date: Tue, 24 May 2022 23:43:38 -0700
On Wed, May 25, 2022 at 06:19:43AM +0000, Ûõ ÛõÊÄ via curl-library wrote:
> Thanks for the reply,the successfull packet is from curl cmd tool 7.66.0,which downloaded in fedora31 release,the failed packet is from our sdk used for tr69 connection which is a basic function for router,the sdk contains libcurl 7.48.0 and 7.64.1,I tried both of them and cannot work.
> all the two connection is using the same httpd server,and I tried to get all the information identically(the header list,using the get mode etc.)
> I think the only difference is that the failed one is automatical and the interaction is done for serveral times in short interval,and the successful one is done manally.
What do you mean by a "manual" request? Can you generate complete trace logs
(the equivalent of --verbose or --trace) for both the successful and
unsuccessful cases? Can you show us source code for your code that is
generating the requests? There are many reasons why a request might not
succeed, so without showing us more details it's hard to tell why.
Note that Digest authentication performs a cryptographic challenge-response
handshake so you can't easily generate the right headers manually. This also
means that there will be at minimum two requests to authenticate, the first
returning 401, before the right Authorization header can be sent to
authenticate the client. So, the first trace you showed (that you define as
"failed") might very well be a valid and correct first transaction.
Dan
Date: Tue, 24 May 2022 23:43:38 -0700
On Wed, May 25, 2022 at 06:19:43AM +0000, Ûõ ÛõÊÄ via curl-library wrote:
> Thanks for the reply,the successfull packet is from curl cmd tool 7.66.0,which downloaded in fedora31 release,the failed packet is from our sdk used for tr69 connection which is a basic function for router,the sdk contains libcurl 7.48.0 and 7.64.1,I tried both of them and cannot work.
> all the two connection is using the same httpd server,and I tried to get all the information identically(the header list,using the get mode etc.)
> I think the only difference is that the failed one is automatical and the interaction is done for serveral times in short interval,and the successful one is done manally.
What do you mean by a "manual" request? Can you generate complete trace logs
(the equivalent of --verbose or --trace) for both the successful and
unsuccessful cases? Can you show us source code for your code that is
generating the requests? There are many reasons why a request might not
succeed, so without showing us more details it's hard to tell why.
Note that Digest authentication performs a cryptographic challenge-response
handshake so you can't easily generate the right headers manually. This also
means that there will be at minimum two requests to authenticate, the first
returning 401, before the right Authorization header can be sent to
authenticate the client. So, the first trace you showed (that you define as
"failed") might very well be a valid and correct first transaction.
Dan
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2022-05-25