[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squid-cvs
Subject:    cvs commit: squid3/src/auth/digest auth_digest.cc auth_digest.h
From:       Henrik Nordstrom <hno () squid-cache ! org>
Date:       2007-12-30 4:06:30
Message-ID: 200712300406.lBU46UXG030520 () squid-cache ! org
[Download RAW message or body]

hno         2007/12/29 21:06:30 MST

  Modified files:
    src/auth/digest      auth_digest.cc auth_digest.h 
  Log:
  Random authenticaiton failures when using Digest authentication
  
  The stale= propery of the Digest responses sent by Squid indicated far
  too often that the nonce was not stale. Contrary to what the RFC recommends
  we should only say that the nonce is not stale when it is a valid nonce but
  the response did not compute (invalid user or password). In all other
  situations we should say that the nonce is stale even if we haven't
  validated the response.
  
  Revision  Changes    Path
  1.61      +16 -20    squid3/src/auth/digest/auth_digest.cc
  1.22      +1 -2      squid3/src/auth/digest/auth_digest.h

[prev in list] [next in list] [prev in thread] [next in thread]