Paul Read wrote:
> THanks for that information I therefore tweaked
> 'AuthDigestParseChallenge' so that Info.Qop is set to 'auth' if no Qop
> value is given and now the right MD5 is calculated and the server
> accepts the data.
I'd say this is a server-side bug. It obviously understands a RFC 2617
digest however sends an obsolete RFC 2069 WWW-Authenticate response header.
If I'm not totally misreading this sentence:
"qop-options
This directive is optional, but is made so only for backward
compatibility with RFC 2069 [6];"
it means that if the qop directive is missing we have to assume RFC 2069
which calculates the digest differently. That cURL works is perhaps because
it doesn't try to support obsolete RFC 2069?
--
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
