[prev in list] [next in list] [prev in thread] [next in thread]
List: kfm-devel
Subject: Re: kio's http authentication code
From: Waldo Bastian <bastian () kde ! org>
Date: 2000-04-26 18:12:47
[Download RAW message or body]
kfm-devel readers: Please CC: to the original author when responding.
On Wed, 26 Apr 2000, you wrote:
> Hi,
>
> I "stole" your http authentication code for use in my SIP
> implementation (kdenonbeta/dissipate). I have some concerns about your
> (?) implementation of HTTP digest authentication.
Well, I didn't write that part. And actually I have no idea what is does /
how it works. I'll forward your questions to the kfm-devel@kde.org
mailinglist. You might want to subscribe to that one.
> You can see my first go at fixing up the digest function by looking at
> kdenonbeta/dissipate/sipprotocol.cpp. Changes I'd like to make are:
>
> - only use qop if the remote end supports it! Many hosts do not yet
> implement the new rfc.
> - random cnonce, and incrementing the nonce count. a random cnonce is
> useful for security (otherwise it's useless), and using nonce-count
> can greatly speed up a session.
> - you need to pass the method into the authentication code. Not
> everything is a GET request.
>
> I also changed the digest code to act on QStrings directly, which in my
> implementation is useful.
>
> Are you interested in these changes for kio/http?
Yes.
> It it ok that my code took your code?
Sure, that's what open source is about.
> How can I better acknowledge this?
You could add something like "based on kio_http code by ..." in the header of
your source file, I believe Alex Zepeda wrote the authentication stuff, not
sure though.
Cheers,
Waldo
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic