[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: KDE/kdelibs/kioslave/http
From: Dawit Alemayehu <adawit () kde ! org>
Date: 2010-12-04 19:50:21
Message-ID: 20101204195021.98C56AC8A4 () svn ! kde ! org
[Download RAW message or body]
SVN commit 1203598 by adawit:
Address the valid issues pointed out in items #1 and #2 of \
https://bugs.kde.org/show_bug.cgi?id=58530#c27. Item #3 has already been addressed \
but is a moot point since we do not support qop="auth-int" anyways.
CCMAIL:58530
M +19 -1 httpauthentication.cpp
--- trunk/KDE/kdelibs/kioslave/http/httpauthentication.cpp #1203597:1203598
@@ -97,7 +97,7 @@
static QByteArray valueForKey(const QList<QByteArray> &ba, const QByteArray &key)
{
- for (int i = 0; i + 1 < ba.count(); i += 2) {
+ for (int i = 0, count = ba.count(); (i + 1) < count; i += 2) {
if (ba[i] == key) {
return ba[i + 1];
}
@@ -434,6 +434,24 @@
QByteArray opaque = valueForKey(m_challenge, "opaque");
info.qop = valueForKey(m_challenge, "qop");
+ // NOTE: Since we do not have access to the entity body, we cannot support
+ // the "auth-int" qop value ; so if the server returns a comma separated
+ // list of qop values, prefer "auth".See RFC 2617 sec 3.2.2 for the details.
+ // If "auth" is not present or it is set to "auth-int" only, then we simply
+ // print a warning message and disregard the qop option altogether.
+ if (info.qop.contains(',')) {
+ const QList<QByteArray> values = info.qop.split(',');
+ if (info.qop.contains("auth"))
+ info.qop = "auth";
+ else {
+ kWarning(7113) << "Unsupported digest authentication qop paramters:" << \
values; + info.qop.clear();
+ }
+ } else if (info.qop == "auth-int") {
+ kWarning(7113) << "Unsupported digest authentication qop paramter:" << \
info.qop; + info.qop.clear();
+ }
+
if (info.realm.isEmpty() || info.nonce.isEmpty()) {
// ### proper error return
m_isError = true;
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic