[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers

From: Tim Rühsen
Subject: Re: [Bug-wget] [Bug--Wget] Issue with RFC 2067 Digest Headers
Date: Sat, 13 Jul 2013 20:05:41 +0200
User-agent: KMail/1.13.7 (Linux/3.9-1-amd64; KDE/4.8.4; x86_64; ; )

Am Samstag, 13. Juli 2013 schrieb Darshit Shah:
> There is one more thing that has just come to my notice.
> If the server sends qop=auth-int or for that matter any other qop value,
> then instead of simply exiting, Wget goes on to send another GET request
> without any Authorization Header.
> This Request is bound to be refused with a 401 Authorization Required.
> Hence, Wget should not waste time sending that last extra request.

Do you know a test HTTP server that supports auth-int ?
If yes, we could try to implement it.

You are right:
At the moment any other qop value than 'auth' or missing qop return throws out
      logprintf (LOG_NOTQUIET, _("Unsupported quality of protection '%s'.\n"), 
and returns NULL, wich in turn just removes the Authenticate header but 
doesn't stop the GET request (in gethttp()).

If we want that, digest_authentication_encode() would need to return a 
status/error code.

But this issue should not stop Guiseppe's patch.

Regards, Tim

Attachment: signature.asc
Description: This is a digitally signed message part.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]