mirror of
https://github.com/moparisthebest/wget
synced 2024-07-03 16:38:41 -04:00
Fix HTTP Digest authentication when the algorithm is not specified
This commit is contained in:
parent
b8f036d16c
commit
e9cc8b2f7c
@ -1,3 +1,8 @@
|
||||
2013-07-12 Giuseppe Scrivano <gscrivano@gnu.org>
|
||||
|
||||
* http.c (digest_authentication_encode): Set default value of
|
||||
`algorithm' to "MD5". Check if `qop' is not-NULL before access it.
|
||||
|
||||
2013-07-11 Karsten Hopp <karsten@redhat.com>
|
||||
|
||||
* openssl.c (struct openssl_read_args, struct scwt_context): New struct.
|
||||
|
@ -3703,7 +3703,8 @@ digest_authentication_encode (const char *au, const char *user,
|
||||
param_token name, value;
|
||||
|
||||
|
||||
realm = opaque = nonce = qop = algorithm = NULL;
|
||||
realm = opaque = nonce = qop = NULL;
|
||||
algorithm = "MD5";
|
||||
|
||||
au += 6; /* skip over `Digest' */
|
||||
while (extract_param (&au, &name, &value, ','))
|
||||
@ -3785,7 +3786,7 @@ digest_authentication_encode (const char *au, const char *user,
|
||||
md5_finish_ctx (&ctx, hash);
|
||||
dump_hash (a2buf, hash);
|
||||
|
||||
if (!strcmp(qop, "auth") || !strcmp (qop, "auth-int"))
|
||||
if (qop && (!strcmp(qop, "auth") || !strcmp (qop, "auth-int")))
|
||||
{
|
||||
/* RFC 2617 Digest Access Authentication */
|
||||
/* generate random hex string */
|
||||
@ -3835,7 +3836,7 @@ digest_authentication_encode (const char *au, const char *user,
|
||||
|
||||
res = xmalloc (res_size);
|
||||
|
||||
if (!strcmp(qop,"auth"))
|
||||
if (qop && !strcmp (qop, "auth"))
|
||||
{
|
||||
res_len = snprintf (res, res_size, "Digest "\
|
||||
"username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\""\
|
||||
|
Loading…
Reference in New Issue
Block a user