Re: digest autentication 401 Unauthorized

[Bernhard Schuster <schuster bernhard googlemail com>]

Bump! Could somebody please have a look at this, I am really stuck here.

On Wed, Oct 16, 2013 at 2:46 AM, Bernhard Schuster <schuster bernhard googlemail com> wrote:

Using the code below compiled against libsoup 2.44.1 with the digest auth handler as below gives me _always_ a 401 error code ( Unauthorized ), though the username and password are correct.

Testing is currently based on

# curl -k -v -i -X PUT -u "username:foofoofoo" -d "test content" --digest "https://127.0.0.1:1234/?query=dummy"

Which returns:

HTTP/1.1 401 Unauthorized

Server: dummysrv

Date: Wed, 16 Oct 2013 00:42:00 GMT

WWW-Authenticate: Digest realm="somerealm", nonce="69190561381884120", qop="auth", algorithm=MD5

Content-Length: 0

HTTP/1.1 401 Unauthorized

Server: dummysrv

Date: Wed, 16 Oct 2013 00:42:00 GMT

WWW-Authenticate: Digest realm="somerealm", nonce="69192961381884120", qop="auth", algorithm=MD5

Content-Length: 0

###

Code:

-------

char *

auth_digest_callback (SoupAuthDomain *domain,

                      SoupMessage *msg,

                      const char *username,

                      gpointer user_data)

{

return g_strdup (soup_auth_domain_digest_encode_password ("username", "somerealm", "foofoofoo"));

}

/* snip code */

  server = soup_server_new (SOUP_SERVER_PORT, (guint)opts.server.port,

                         SOUP_SERVER_SERVER_HEADER, "eebusrestifier",

                         SOUP_SERVER_TLS_CERTIFICATE, tlscert,

                         NULL);

  authdomain = soup_auth_domain_digest_new (

                   SOUP_AUTH_DOMAIN_REALM, REALM, /*defined in accessstore.h*/

                SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, auth_digest_callback,

                SOUP_AUTH_DOMAIN_DIGEST_AUTH_DATA, NULL,

                NULL);

  soup_auth_domain_add_path (authdomain, "/");

  soup_server_add_auth_domain (server, SOUP_AUTH_DOMAIN (authdomain));

  g_object_unref (authdomain);

  soup_server_add_handler (server,

                        NULL /* path this callback will handle, NULL for all/being default handler */,

                        (SoupServerCallback)server_callback,

                        (gpointer)cache/* user_data */,

                        (GDestroyNotify)NULL /*free func for user data*/);

  g_assert (soup_server_is_https (server));

  soup_server_run_async (server);

/* snip code */

I started digging downto check_hex_urp, which returns FALSE due to response not matching computed_response (totally different 32 byte (+1 \0 byte) vectors)

Thanks for any hint(s). I did not find any bugs that seemed to be related to the above issue. My guess is that it is related to realm but I can not pin point it.

Bernhard