Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: http digest auth failed with libcurl 7.48.0
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: 范 范珏 via curl-library <curl-library_at_lists.haxx.se>
Date: Wed, 25 May 2022 07:47:22 +0000
here is the two pcap files,please take a look at it.
the first cmdtool file is successful.
the second one is failed.
获取 Outlook for iOS<https://aka.ms/o0ukef>
________________________________
发件人: curl-library <curl-library-bounces_at_lists.haxx.se> 代表 Dan Fandrich via curl-library <curl-library_at_lists.haxx.se>
发送时间: Wednesday, May 25, 2022 2:43:38 PM
收件人: curl-library_at_lists.haxx.se <curl-library_at_lists.haxx.se>
抄送: Dan Fandrich <dan_at_coneharvesters.com>
主题: Re: http digest auth failed with libcurl 7.48.0
On Wed, May 25, 2022 at 06:19:43AM +0000, 范 范珏 via curl-library wrote:
> Thanks for the reply,the successfull packet is from curl cmd tool 7.66.0,which downloaded in fedora31 release,the failed packet is from our sdk used for tr69 connection which is a basic function for router,the sdk contains libcurl 7.48.0 and 7.64.1,I tried both of them and cannot work.
> all the two connection is using the same httpd server,and I tried to get all the information identically(the header list,using the get mode etc.)
> I think the only difference is that the failed one is automatical and the interaction is done for serveral times in short interval,and the successful one is done manally.
What do you mean by a "manual" request? Can you generate complete trace logs
(the equivalent of --verbose or --trace) for both the successful and
unsuccessful cases? Can you show us source code for your code that is
generating the requests? There are many reasons why a request might not
succeed, so without showing us more details it's hard to tell why.
Note that Digest authentication performs a cryptographic challenge-response
handshake so you can't easily generate the right headers manually. This also
means that there will be at minimum two requests to authenticate, the first
returning 401, before the right Authorization header can be sent to
authenticate the client. So, the first trace you showed (that you define as
"failed") might very well be a valid and correct first transaction.
Dan
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2022-05-25
Date: Wed, 25 May 2022 07:47:22 +0000
here is the two pcap files,please take a look at it.
the first cmdtool file is successful.
the second one is failed.
获取 Outlook for iOS<https://aka.ms/o0ukef>
________________________________
发件人: curl-library <curl-library-bounces_at_lists.haxx.se> 代表 Dan Fandrich via curl-library <curl-library_at_lists.haxx.se>
发送时间: Wednesday, May 25, 2022 2:43:38 PM
收件人: curl-library_at_lists.haxx.se <curl-library_at_lists.haxx.se>
抄送: Dan Fandrich <dan_at_coneharvesters.com>
主题: Re: http digest auth failed with libcurl 7.48.0
On Wed, May 25, 2022 at 06:19:43AM +0000, 范 范珏 via curl-library wrote:
> Thanks for the reply,the successfull packet is from curl cmd tool 7.66.0,which downloaded in fedora31 release,the failed packet is from our sdk used for tr69 connection which is a basic function for router,the sdk contains libcurl 7.48.0 and 7.64.1,I tried both of them and cannot work.
> all the two connection is using the same httpd server,and I tried to get all the information identically(the header list,using the get mode etc.)
> I think the only difference is that the failed one is automatical and the interaction is done for serveral times in short interval,and the successful one is done manally.
What do you mean by a "manual" request? Can you generate complete trace logs
(the equivalent of --verbose or --trace) for both the successful and
unsuccessful cases? Can you show us source code for your code that is
generating the requests? There are many reasons why a request might not
succeed, so without showing us more details it's hard to tell why.
Note that Digest authentication performs a cryptographic challenge-response
handshake so you can't easily generate the right headers manually. This also
means that there will be at minimum two requests to authenticate, the first
returning 401, before the right Authorization header can be sent to
authenticate the client. So, the first trace you showed (that you define as
"failed") might very well be a valid and correct first transaction.
Dan
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
- application/octet-stream attachment: result_curl_cmdtool.pcap
- application/octet-stream attachment: result_failed.pcap