Nikitinskit Dmitriy filed bug report #1868255

(http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies and fixes a problem with parsing WWW-Authenticate: headers with additional spaces in the line that the parser wasn't written to deal with.
2008-01-10 09:17:07 +00:00
parent bce5ae9a07
commit 0ce484eed9
3 changed files with 11 additions and 1 deletions
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -180,6 +180,9 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
        break; /* we're done here */

      header += totlen;
+      /* pass all additional spaces here */
+      while(*header && ISSPACE(*header))
+        header++;
      if(',' == *header)
        /* allow the list to be comma-separated */
        header++;