/curl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Http digest authentication doesn't support 'stale=true' #928

Closed
tarek112 opened this Issue Jul 25, 2016 · 6 comments

Comments

Assignees

@jay jay

Labels
Projects
None yet
Milestone
No milestone
3 participants
@tarek112 @bagder @jay
@tarek112

tarek112 commented Jul 25, 2016

I did this

Build using cmake with default options under windows (so using windows SSPI). Loop on a GET request to reach a digest authenticated resource. Reuse easy handle between requests.

I expected the following

Keep working after 401 ... "stale=true".
First authentication works well but after that first nonce expire, curl doesn't handle any further authentication. It keep using the initial nonce.

curl/libcurl version

7.50.0

operating system

Windows

I think I've found were the issue comes from and I should provide a pull request soon.

@bagder bagder added the HTTP label Jul 25, 2016

tarek112 added a commit to tarek112/curl that referenced this issue Jul 25, 2016

@tarek112
vauth: add digest authentication support with SSPI when stale=true 
Bug: curl#928
Closes #928
815a99e

@tarek112 tarek112 referenced this issue Jul 25, 2016

Closed

vauth: add digest authentication support with SSPI when stale=true #929

jay added a commit to jay/curl that referenced this issue Jul 26, 2016

@jay
digest_sspi: Handle stale directive. draft1 
If there is an old digest and a new digest was sent with the stale
directive then the new digest replaces the old digest.

Prior to this change the stale directive was ignored and a new digest
would cause error CURLE_BAD_CONTENT_ENCODING in any case.

Bug: curl#928
Reported-by: tarek112@users.noreply.github.com
22c44c7
@tarek112

This comment has been minimized.

Show comment
Hide comment
@tarek112

tarek112 Jul 26, 2016

I tested you patch, it's working good. Thank you

tarek112 commented Jul 26, 2016

I tested you patch, it's working good. Thank you
@tarek112

This comment has been minimized.

Show comment
Hide comment
@tarek112

tarek112 Sep 22, 2016

Hello, still no issue with your patch. Is there something I can do to help with MR ?

tarek112 commented Sep 22, 2016

Hello, still no issue with your patch. Is there something I can do to help with MR ?
@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Sep 22, 2016

Member

Are you referring to @jay's commit from July 26th?
Member

bagder commented Sep 22, 2016

Are you referring to @jay's commit from July 26th?
@tarek112

This comment has been minimized.

Show comment
Hide comment
@tarek112

tarek112 Sep 23, 2016

Yes indeed: jay@22c44c7

tarek112 commented Sep 23, 2016

Yes indeed: jay@22c44c7

@bagder bagder assigned jay Oct 17, 2016

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Oct 17, 2016

Member

@jay any news or thoughts on where this is going?
Member

bagder commented Oct 17, 2016

@jay any news or thoughts on where this is going?

jay added a commit that referenced this issue Feb 21, 2017

@jay
digest_sspi: Handle 'stale=TRUE' directive in HTTP digest 
- If the server has provided another challenge use it as the replacement
  input token if stale=TRUE. Otherwise previous credentials have failed
  so return CURLE_LOGIN_DENIED.

Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.

Ref: https://tools.ietf.org/html/rfc2617#page-10

Bug: #928
Reported-by: tarek112@users.noreply.github.com
Loading status checks…
af5fbb1
@jay

This comment has been minimized.

Show comment
Hide comment
@jay

jay Feb 21, 2017

Member

Thanks, landed in af5fbb1.
Member

jay commented Feb 21, 2017

Thanks, landed in af5fbb1.

@jay jay closed this Feb 21, 2017

@lock lock bot locked as resolved and limited conversation to collaborators May 6, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.