summaryrefslogtreecommitdiff
path: root/src/http_auth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/http_auth.c')
-rw-r--r--src/http_auth.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/http_auth.c b/src/http_auth.c
index 33adf71..d7d246b 100644
--- a/src/http_auth.c
+++ b/src/http_auth.c
@@ -1016,7 +1016,7 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p
log_error_write(srv, __FILE__, __LINE__, "ss", "realm", realm);
log_error_write(srv, __FILE__, __LINE__, "ss", "nonce", nonce);
log_error_write(srv, __FILE__, __LINE__, "ss", "uri", uri);
- log_error_write(srv, __FILE__, __LINE__, "ss", "algorigthm", algorithm);
+ log_error_write(srv, __FILE__, __LINE__, "ss", "algorithm", algorithm);
log_error_write(srv, __FILE__, __LINE__, "ss", "qop", qop);
log_error_write(srv, __FILE__, __LINE__, "ss", "cnonce", cnonce);
log_error_write(srv, __FILE__, __LINE__, "ss", "nc", nc);
@@ -1095,7 +1095,9 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p
if (algorithm &&
strcasecmp(algorithm, "md5-sess") == 0) {
li_MD5_Init(&Md5Ctx);
- li_MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
+ /* Errata ID 1649: http://www.rfc-editor.org/errata_search.php?rfc=2617 */
+ CvtHex(HA1, a1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)a1, 32);
li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 19:00:13 +0000