diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2021-11-28 02:22:40 -0500 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-11-30 13:57:46 +0100 |
commit | aae235b6ba92662a6fb7b459614f7ee2e290ae17 (patch) | |
tree | cfa956fc7a505f4d79336a6a00a8349aba611fb1 /lib/vauth/digest.c | |
parent | 6ad053060d213ef356d3f3943784620b4deea05a (diff) | |
download | curl-aae235b6ba92662a6fb7b459614f7ee2e290ae17.tar.gz |
digest: compute user:realm:pass digest w/o userhash
https://datatracker.ietf.org/doc/html/rfc7616#section-3.4.4
... the client MUST calculate a hash of the username after
any other hash calculation ...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Closes #8066
Diffstat (limited to 'lib/vauth/digest.c')
-rw-r--r-- | lib/vauth/digest.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index a04ffab6f..52179c265 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -722,8 +722,7 @@ static CURLcode auth_create_digest_http_message( unq(nonce-value) ":" unq(cnonce-value) */ - hashthis = aprintf("%s:%s:%s", digest->userhash ? userh : userp, - digest->realm, passwdp); + hashthis = aprintf("%s:%s:%s", userp, digest->realm, passwdp); if(!hashthis) return CURLE_OUT_OF_MEMORY; |