- Fixed the HTTP Digest auth code to not behave badly when getting a blank realm

with realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
This commit is contained in:
Daniel Stenberg
2008-09-25 14:09:22 +00:00
parent 4d437416da
commit 1b9d311b5c
3 changed files with 11 additions and 0 deletions

View File

@@ -6,6 +6,10 @@
Changelog
Daniel Stenberg (25 Sep 2008)
- Fixed the HTTP Digest auth code to not behave badly when getting a blank realm
with realm="". http://curl.haxx.se/bug/view.cgi?id=2126435
Daniel Fandrich (23 Sep 2008)
- Make sure not to dereference the wrong UrlState proto union member when
switching from one protocol to another in a single request (e.g.

View File

@@ -27,6 +27,7 @@ This release includes the following bugfixes:
o SFTP over SOCKS crash fixed
o thread-safety issues addressed for NSS-powered libcurls
o removed the use of mktime() and gmtime(_r)() in date parsing and conversions
o HTTP Digest with a blank realm did wrong
This release includes the following known bugs:

View File

@@ -104,6 +104,12 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
include the possibly trailing comma, newline or carriage return */
(2 == sscanf(header, "%255[^=]=%1023[^\r\n,]",
value, content)) ) {
if(!strcmp("\"\"", content)) {
/* for the name="" case where we get only the "" in the content variable,
* simply clear the content then
*/
content[0]=0;
}
if(strequal(value, "nonce")) {
d->nonce = strdup(content);
if(!d->nonce)