New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Http digest authentication doesn't support 'stale=true' #928
Labels
Comments
tarek112
added a commit
to tarek112/curl
that referenced
this issue
Jul 25, 2016
jay
added a commit
to jay/curl
that referenced
this issue
Jul 26, 2016
If there is an old digest and a new digest was sent with the stale directive then the new digest replaces the old digest. Prior to this change the stale directive was ignored and a new digest would cause error CURLE_BAD_CONTENT_ENCODING in any case. Bug: curl#928 Reported-by: tarek112@users.noreply.github.com
I tested you patch, it's working good. Thank you |
Hello, still no issue with your patch. Is there something I can do to help with MR ? |
Are you referring to @jay's commit from July 26th? |
Yes indeed: jay@22c44c7 |
@jay any news or thoughts on where this is going? |
jay
added a commit
that referenced
this issue
Feb 21, 2017
- If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: #928 Reported-by: tarek112@users.noreply.github.com
Thanks, landed in af5fbb1. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I did this
Build using cmake with default options under windows (so using windows SSPI). Loop on a GET request to reach a digest authenticated resource. Reuse easy handle between requests.
I expected the following
Keep working after 401 ... "stale=true".
First authentication works well but after that first nonce expire, curl doesn't handle any further authentication. It keep using the initial nonce.
curl/libcurl version
7.50.0
operating system
Windows
I think I've found were the issue comes from and I should provide a pull request soon.
The text was updated successfully, but these errors were encountered: