|
From: | Ahmet Kermen |
Subject: | [libmicrohttpd] Digest Authentication algorithm field case sensitivity |
Date: | Mon, 17 Jan 2022 11:50:17 +0300 |
Hi All, Since version 0.9.62 libmicrohttpd appears to be started adding optional "algorithm" field for digest authentication header. According to RFC2617 https://datatracker.ietf.org/doc/html/rfc2617 and RFC7616 https://datatracker.ietf.org/doc/html/rfc7616 the algorithm value is case-sensitive (no explicit definition, as for “stale” field) and should be "MD5" (uppercase) if MD5 is selected, but libmicrohttpd sets as "md5" (lowercase). The case difference makes some client libraries to fail detecting digest authentication presence from server responses. From RFC2617: algorithm A string indicating a pair of algorithms used to produce the digest and a checksum. If this is not present it is assumed to be "MD5”. From RFC7616: algorithm A string indicating an algorithm used to produce the digest and an unkeyed digest. If this is not present, it is assumed to be “MD5" Best regards, Ahmet Kermen |
[Prev in Thread] | Current Thread | [Next in Thread] |