Curl_output_digest: support auth-int for empty entity body

By always returning the md5 for an empty body when auth-int is asked for, libcurl now at least sometimes does the right thing. Bug: http://curl.haxx.se/bug/view.cgi?id=1235 Patched-by: Nach M. S.
2013-06-11 00:08:13 +02:00 · 2013-06-11 00:08:13 +02:00 · 529a2e9110
parent 21091549c0
commit 529a2e9110
1 changed files with 9 additions and 5 deletions
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@ -458,16 +458,20 @@ CURLcode Curl_output_digest(struct connectdata *conn,
  else
    md5this = (unsigned char *)aprintf("%s:%s", request, uripath);

+  if(d->qop && Curl_raw_equal(d->qop, "auth-int")) {
+    /* We don't support auth-int for PUT or POST at the moment.
+       TODO: replace md5 of empty string with entity-body for PUT/POST */
+    unsigned char *md5this2 = (unsigned char *)
+      aprintf("%s:%s", md5this, "d41d8cd98f00b204e9800998ecf8427e");
+    free(md5this);
+    md5this = md5this2;
+  }
+
  if(!md5this) {
    free(ha1);
    return CURLE_OUT_OF_MEMORY;
  }

-  if(d->qop && Curl_raw_equal(d->qop, "auth-int")) {
-    /* We don't support auth-int at the moment. I can't see a easy way to get
-       entity-body here */
-    /* TODO: Append H(entity-body)*/
-  }
  CURL_OUTPUT_DIGEST_CONV(data, md5this); /* convert on non-ASCII machines */
  Curl_md5it(md5buf, md5this);
  free(md5this); /* free this again */