[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers

From: Giuseppe Scrivano
Subject: Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers
Date: Sat, 13 Jul 2013 15:06:41 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux)

Tim Rühsen <address@hidden> writes:

> We assumed 'algorithm' to be MD5 before (implicitely), but had the bug to 
> miss 
> one check before strcmp().
> For me, your changes look ok.
> There is just that little issue (more a kind of favour) that I mentioned 
> under 
> as 2. : When the server does not mention 'algorithm' in WWW-Authenticate:, 
> should we introduce it in the clients Authenticate: Header ? I can't say what 
> is better... RFC 2069 and RFC 2617 leave it open.
> At least we would introduce an additional (unneeded) xstrdup/free.

yes true, we used that implicitely but we haven't specified it in
"Authenticate:".  Personally I am biased to specify the algorithm
attribute in any case.  Even if this won't make any difference with
servers which are compliant to that RFCs, it makes clear what algorithm
was used by wget.

In any case I haven't a strong opinion, if you still think this is a
stdrup/free waste, I can revert the change :-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]