THanks for that information I therefore tweaked
'AuthDigestParseChallenge' so that Info.Qop is set to 'auth' if no Qop
value is given and now the right MD5 is calculated and the server
accepts the data.
Whether this is a correct thing to do or not is a different matter!
Thanks again for your help
Paul
On 07/01/2012 11:15, Arno Garrels wrote:
Paul Read wrote:
Please post the server challenge,
What does this look like?
does it by any chance request "auth-int"? auth-int is not supported
yet.
I don't see 'auth-int' within the packets but maybe I am looking in
the right area.
The first response from the server is:
WWW-Authenticate: Digest realm="PUSH Authentication", nonce="132577494",
algorithm="MD5"
That looks strange since the opaque data string is missing which doesn't seem
to be optionally, and since qop directive is also missing it's likely an
obsolete
version of digest auth (RFC 2069) ICS _might not properly support:
http://www.faqs.org/rfcs/rfc2617.html / 3.2.1 The WWW-Authenticate Response
Header
"qop-options
This directive is optional, but is made so only for backward
compatibility with RFC 2069 [6];"
http://www.faqs.org/rfcs/rfc2069.html
Someone had to dig into both specs and compare them with ICS' RFC 2617
implementation.
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
