Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Http digest authentication doesn't support 'stale=true' #928
I did this
Build using cmake with default options under windows (so using windows SSPI). Loop on a GET request to reach a digest authenticated resource. Reuse easy handle between requests.
I expected the following
Keep working after 401 ... "stale=true".
I think I've found were the issue comes from and I should provide a pull request soon.
If there is an old digest and a new digest was sent with the stale directive then the new digest replaces the old digest. Prior to this change the stale directive was ignored and a new digest would cause error CURLE_BAD_CONTENT_ENCODING in any case. Bug: curl#928 Reported-by: firstname.lastname@example.org
- If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: #928 Reported-by: email@example.com