Skip Menu |

This queue is for tickets about the libwww-perl CPAN distribution.

Report information
The Basics
Id: 20889
Status: resolved
Priority: 0/
Queue: libwww-perl
People
Owner: Nobody in particular
Requestors: perl [...] intertivityNOSP4M.com
Cc:
AdminCc:
Bug Information
Severity: Critical
Broken in: 5.805
Fixed in: (no value)

History Show all quoted text
  Tue Aug 08 09:17:57 2006 perl [...] intertivityNOSP4M.com - Ticket created
Subject: Error in Authentication Digest Implementation
Hi, RFC 2617 says to calculate the digest of the body only if the auth-int is set in the qop option. The current version of LWP::Authen::Digest just ignores this and caculates the digest always when the method is POST or PUT. The following lines will fix it: my %resp = map { $_ => $auth_param->{$_} } qw(realm nonce opaque); @resp{qw(username uri response algorithm)} = ($user, $uri, $digest, "MD5"); # changes start here my $auth_qop = $auth_param->{qop} || ""; if ($auth_qop eq "auth") { @resp{qw(qop cnonce nc)} = ("auth", $cnonce, $nc); } my(@order) = qw(username realm qop algorithm uri nonce nc cnonce response); if($request->method =~ /^(?:POST|PUT)$/ && $auth_qop eq 'auth- int' ) { # changes end here $md5->add($request->content); my $content = $md5->hexdigest; HTH esskar
  Thu Mar 30 19:52:31 2017 olaf [...] wundersolutions.com - Correspondence added
Ticket migrated to github as https://github.com/libwww-perl/libwww-perl/issues/130
  Thu Mar 30 19:52:31 2017 The RT System itself - Status changed from 'new' to 'open'
  Thu Mar 30 19:52:37 2017 olaf [...] wundersolutions.com - Status changed from 'open' to 'resolved'