Package: python2.3 Version: 2.3.5-7 Severity: normal Note: this is a problem in stable as well as unstable, and it would be great to get it fixed in both places.
Using urllib2, digest HTTP authentication against some servers (notably, www.livejournal.com) will fail. This is caused by a server issue - they demand the digest be specified, even though it is optional in the standard. However, a single line fix to always send the digest, even if it is set to the default of MD5, resolves the issue with *no* possible regressions or other problems. This is discussed in the upstream BTS here: https://sourceforge.net/tracker/?func=detail&atid=305470&aid=1037974&group_id=5470 The upstream developers have accepted this change and pushed it into the core of urllib2.py, so they obviously believe that it is a worthwhile change as well. This patch is the minimal change to support this: --- urllib2.py 2005-08-17 15:01:16.000000000 +1000 +++ urllib2.py.orig 2005-08-17 15:00:58.000000000 +1000 @@ -798,7 +798,8 @@ base = base + ', opaque="%s"' % opaque if entdig: base = base + ', digest="%s"' % entdig - base = base + ', algorithm="%s"' % algorithm + if algorithm != 'MD5': + base = base + ', algorithm="%s"' % algorithm if qop: base = base + ', qop=auth, nc=%s, cnonce="%s"' % (ncvalue, cnonce) return base This is against the library is the Debian/Unstable Python 2.3 package. Finally, the same issue exists in the python2.4 packages on Unstable and, presumably, on Stable as well. I /really/ hope that this can be fixed in Debian, because it is a PITA to try and maintain a locally patched version of urllib2 to resolve this. :/ Thanks, Daniel -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12.2 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages python2.3 depends on: ii libbz2-1.0 1.0.2-8 high-quality block-sorting file co ii libc6 2.3.5-3 GNU C Library: Shared libraries an ii libdb4.3 4.3.28-3 Berkeley v4.3 Database Libraries [ ii libncurses5 5.4-9 Shared libraries for terminal hand ii libreadline5 5.0-10 GNU readline and history libraries ii libssl0.9.7 0.9.7g-1 SSL shared libraries ii zlib1g 1:1.2.3-3 compression library - runtime Versions of packages python2.3 recommends: ii python2.3-iconvcodec 1.1.2-1 Python universal Unicode codec, us -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
