Re: digest autentication 401 Unauthorized



I did not change a single thing but it suddenly works now, so this might have been a distro specific issue or some change I am currently not aware of. A ntoe: curl's "--digest" switch is required, otherwise I always get a 401 (even now that it works with the digest switch)

Best

Bernhard


On Thu, Oct 17, 2013 at 8:43 PM, Bernhard Schuster <schuster bernhard googlemail com> wrote:
Bump! Could somebody please have a look at this, I am really stuck here.

On Wed, Oct 16, 2013 at 2:46 AM, Bernhard Schuster <schuster bernhard googlemail com> wrote:
Using the code below compiled against libsoup 2.44.1 with the digest auth handler as below gives me _always_ a 401 error code ( Unauthorized ), though the username and password are correct.

Testing is currently based on
# curl -k -v -i -X PUT -u "username:foofoofoo" -d "test content" --digest "https://127.0.0.1:1234/?query=dummy"

Which returns:

HTTP/1.1 401 Unauthorized
Server: dummysrv
Date: Wed, 16 Oct 2013 00:42:00 GMT
WWW-Authenticate: Digest realm="somerealm", nonce="69190561381884120", qop="auth", algorithm=MD5
Content-Length: 0

HTTP/1.1 401 Unauthorized
Server: dummysrv
Date: Wed, 16 Oct 2013 00:42:00 GMT
WWW-Authenticate: Digest realm="somerealm", nonce="69192961381884120", qop="auth", algorithm=MD5
Content-Length: 0

###

Code:
-------

char *
auth_digest_callback (SoupAuthDomain *domain,
                      SoupMessage *msg,
                      const char *username,
                      gpointer user_data)
{
return g_strdup (soup_auth_domain_digest_encode_password ("username", "somerealm", "foofoofoo"));

}


/* snip code */

  server = soup_server_new (SOUP_SERVER_PORT, (guint)opts.server.port,
                         SOUP_SERVER_SERVER_HEADER, "eebusrestifier",
                         SOUP_SERVER_TLS_CERTIFICATE, tlscert,
                         NULL);
  authdomain = soup_auth_domain_digest_new (
                   SOUP_AUTH_DOMAIN_REALM, REALM, /*defined in accessstore.h*/
                SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, auth_digest_callback,
                SOUP_AUTH_DOMAIN_DIGEST_AUTH_DATA, NULL,
                NULL);
  soup_auth_domain_add_path (authdomain, "/");
  soup_server_add_auth_domain (server, SOUP_AUTH_DOMAIN (authdomain));
  g_object_unref (authdomain);
  soup_server_add_handler (server,
                        NULL /* path this callback will handle, NULL for all/being default handler */,
                        (SoupServerCallback)server_callback,
                        (gpointer)cache/* user_data */,
                        (GDestroyNotify)NULL /*free func for user data*/);
  g_assert (soup_server_is_https (server));
  soup_server_run_async (server);

/* snip code */

I started digging downto check_hex_urp, which returns FALSE due to response not matching computed_response (totally different 32 byte (+1 \0 byte) vectors)

Thanks for any hint(s). I did not find any bugs that seemed to be related to the above issue. My guess is that it is related to realm but I can not pin point it.

Bernhard


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]