https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #15 from Mark Thornton ---
HttpClient is a culprit in quoting algorithm. Unfortunately Ubuntu 13.04 uses
TomCat 7.0.35 and is thus affected. I have filed an issue with HttpClient:
https://issues.apache.org/jira/browse/HTTPCLIENT
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
Mark Thomas changed:
What|Removed |Added
Status|REOPENED|RESOLVED
Resolution|---
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
Konstantin Kolinko changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Resolution|F
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #12 from Sean Owen ---
Hello Konstantin, it's the JVM that seems to send a bad algorithm value. I've
reproduced it in the following, at least:
- Java 1.6.0_37 for Mac OS X
- Java 1.7.0_10 for Mac OS X
- OpenJDK 1.7.0_09 for Lin
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #11 from Konstantin Kolinko ---
(In reply to comment #10)
>
> The reason, it seems, is that their Digest response includes either
> algorithm="MD5" when it should be algorithm=MD5, or qop="auth" when it
> should be qop=auth.
>
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #10 from Sean Owen ---
Hello all, first I would like to say that I think this patch is entirely right.
I even checked against RFC 2617. But after this change I'm noticing that DIGEST
authentication stops working in Safari, curl,
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #8 from Mark Thomas ---
I have added a first cut of a new HTTP header parser to trunk. The tests
attached to this issue pass but there is more work to do before the new parser
can be used to solve this issue.
--
You are receiv
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #7 from Mark Thomas ---
Thanks. Much more readable.
I'm currently mulling over how to handle this. The HttpParser is very
heavy-weight but the simple approach is demonstrably prone to failure. I'm
wondering if writing a generic
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #6 from Mark Thornton ---
Created attachment 29519
--> https://issues.apache.org/bugzilla/attachment.cgi?id=29519&action=edit
Patch in alternative format
I hope this the preferred format
result of git diff -p
--
You are rec
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #5 from Mark Thomas ---
diff -u format for the patch please. I'm tempted to use the HTTP header parser
for this. It'll need a fair bit of work for this though.
--
You are receiving this mail because:
You are the assignee for t
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
Mark Thornton changed:
What|Removed |Added
CC||mthorn...@optrak.com
--
You are r
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #4 from Mark Thornton ---
The patch is against 7.0.30 because that is the most recent version packaged
for Ubuntu 12.10.
--
You are receiving this mail because:
You are the assignee for the bug.
--
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #3 from Mark Thornton ---
Created attachment 29518
--> https://issues.apache.org/bugzilla/attachment.cgi?id=29518&action=edit
Proposed patch fixes problem
A more rigorous parsing of header lines might be appropriate
--
You
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #2 from Mark Thornton ---
The current parsing would also be broken by including an embedded quote in
fields (e.g. in the cnonce field). E.g. cnonce="Mgytrr\"gfh"
Looking for a regular expression that correctly handles this synt
https://issues.apache.org/bugzilla/show_bug.cgi?id=54060
--- Comment #1 from Mark Thornton ---
Created attachment 29515
--> https://issues.apache.org/bugzilla/attachment.cgi?id=29515&action=edit
Simple test of the parsing
Test code for the erroneous line in DigestAuthenticator.
Includes two e
16 matches
Mail list logo
