[prev in list] [next in list] [prev in thread] [next in thread]
List: squid-cvs
Subject: cvs commit: squid3/src/auth/digest auth_digest.cc auth_digest.h
From: Henrik Nordstrom <hno () squid-cache ! org>
Date: 2007-12-30 4:06:30
Message-ID: 200712300406.lBU46UXG030520 () squid-cache ! org
[Download RAW message or body]
hno 2007/12/29 21:06:30 MST
Modified files:
src/auth/digest auth_digest.cc auth_digest.h
Log:
Random authenticaiton failures when using Digest authentication
The stale= propery of the Digest responses sent by Squid indicated far
too often that the nonce was not stale. Contrary to what the RFC recommends
we should only say that the nonce is not stale when it is a valid nonce but
the response did not compute (invalid user or password). In all other
situations we should say that the nonce is stale even if we haven't
validated the response.
Revision Changes Path
1.61 +16 -20 squid3/src/auth/digest/auth_digest.cc
1.22 +1 -2 squid3/src/auth/digest/auth_digest.h
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic