You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by dg...@hyperreal.org on 1998/01/20 02:06:20 UTC
cvs commit: apache/src CHANGES mod_digest.c
dgaudet 98/01/19 17:06:20
Modified: . Tag: APACHE_1_2_X STATUS
src Tag: APACHE_1_2_X CHANGES mod_digest.c
Log:
"digest" auth token should be tested case-insensitive as well.
PR: 1599
Submitted by: Ronald.Tschalaer@psi.ch
Reviewed by: Dean Gaudet
Revision Changes Path
No revision
No revision
1.1.2.21 +1 -0 apache/Attic/STATUS
Index: STATUS
===================================================================
RCS file: /export/home/cvs/apache/Attic/STATUS,v
retrieving revision 1.1.2.20
retrieving revision 1.1.2.21
diff -u -r1.1.2.20 -r1.1.2.21
--- STATUS 1998/01/20 00:59:08 1.1.2.20
+++ STATUS 1998/01/20 01:06:16 1.1.2.21
@@ -18,6 +18,7 @@
* PR#1500: allocate r->connection->user in correct pool
* PR#1366: send_fd_length did not calculate total_bytes_sent properly
* PR#1604: table_{set,unset} didn't deal correctly with multiple keys
+ * PR#1599: "Digest" auth token should be tested case-insensitive
Available:
No revision
No revision
1.286.2.73 +2 -2 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.72
retrieving revision 1.286.2.73
diff -u -r1.286.2.72 -r1.286.2.73
--- CHANGES 1998/01/20 00:59:10 1.286.2.72
+++ CHANGES 1998/01/20 01:06:17 1.286.2.73
@@ -18,8 +18,8 @@
header, not an error, but a waste.
[Ronald.Tschalaer@psi.ch] PR#1683
- *) "basic" auth token should be tested case-insensitive.
- [Ronald.Tschalaer@psi.ch] PR#1666
+ *) "basic" and "digest" auth tokens should be tested case-insensitive.
+ [Ronald.Tschalaer@psi.ch] PR#1599, PR#1666
*) It appears the "257th byte" bug (see
htdocs/manual/misc/known_client_problems.html#257th-byte) can happen
1.14.2.1 +1 -1 apache/src/mod_digest.c
Index: mod_digest.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_digest.c,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
--- mod_digest.c 1997/03/07 14:15:39 1.14
+++ mod_digest.c 1998/01/20 01:06:18 1.14.2.1
@@ -145,7 +145,7 @@
return AUTH_REQUIRED;
}
- if (strcmp(getword (r->pool, &auth_line, ' '), "Digest")) {
+ if (strcasecmp(getword (r->pool, &auth_line, ' '), "Digest")) {
/* Client tried to authenticate using wrong auth scheme */
log_reason ("client used wrong authentication scheme", r->uri, r);
note_digest_auth_failure (r);