digest: Do not quote algorithm in HTTP authorisation
authorPierre-Yves Bigourdan <pierre-yves.bigourdan@bbc.co.uk>
Thu, 6 Feb 2020 15:43:06 +0000 (15:43 +0000)
committerDaniel Stenberg <daniel@haxx.se>
Fri, 7 Feb 2020 21:46:21 +0000 (22:46 +0100)
RFC 7616 section 3.4 (The Authorization Header Field) states that "For
historical reasons, a sender MUST NOT generate the quoted string syntax
for the following parameters: algorithm, qop, and nc". This removes the
quoting for the algorithm parameter.

Reviewed-by: Steve Holme
Closes #4890

15 files changed:
lib/vauth/digest.c
tests/data/test1437
tests/data/test153
tests/data/test2058
tests/data/test2059
tests/data/test2060
tests/data/test2061
tests/data/test2062
tests/data/test2063
tests/data/test2064
tests/data/test2065
tests/data/test2066
tests/data/test2067
tests/data/test2068
tests/data/test2069

index 8cd4d83ed3d2de04976c78187084561304170b9c..4d3839d900541a2349922f55a35e46ca835f0e1b 100644 (file)
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -899,7 +899,7 @@ static CURLcode _Curl_auth_create_digest_http_message(
 
   if(digest->algorithm) {
     /* Append the algorithm */
-    tmp = aprintf("%s, algorithm=\"%s\"", response, digest->algorithm);
+    tmp = aprintf("%s, algorithm=%s", response, digest->algorithm);
     free(response);
     if(!tmp)
       return CURLE_OUT_OF_MEMORY;
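Review bot: With the quotes removed, `digest->algorithm` is written into the Authorization header as a bare token, so a comma, whitespace or quote character in that string would now change how the header's parameter list parses instead of staying inside a quoted string. The hunk does not show where `digest->algorithm` is set; if it is copied from the server's challenge, confirm that the challenge parser accepts only the known algorithm names before the value reaches this call. A short comment above the call would also record why this field differs from the quoted ones around it, e.g. `/* RFC 7616 section 3.4: algorithm MUST NOT be sent as a quoted string */`. The enclosing function begins and ends outside this hunk.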
index 19ccece045cc054c44bcd291b4380608b856560b..6a48444fb3910a5b98c78c0f76a3fd8b9637dea5 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /1437 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/1437", response="4376eb639bf8e7343a6e7b56e1b89c4f", algorithm="MD5"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2", uri="/1437", response="4376eb639bf8e7343a6e7b56e1b89c4f", algorithm=MD5\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index 77f7adb01e7eb8f3609aaf0dbf4b0bb132f102f5..1f55f39b674dd0c8d5dcbb2f63b4d1411d2ef088 100644 (file)
@@ -115,7 +115,7 @@ Accept: */*
 \r
 GET /1530002 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/1530002", cnonce="MTA4MzIy", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm="MD5"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="999999", uri="/1530002", cnonce="MTA4MzIy", nc="00000001", qop="auth", response="25291c357671604a16c0242f56721c07", algorithm=MD5\r
 User-Agent: curl/7.11.0-CVS (i686-pc-linux-gnu) libcurl/7.11.0-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS\r
 Accept: */*\r
 \r
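Review bot: The expected Authorization line in this hunk still shows `nc="00000001"` and `qop="auth"` in quoted form, although the RFC 7616 sentence cited in the commit message names nc and qop together with algorithm as parameters that must not be quoted. This may be an artefact of how the test normalises the request before comparison, since that part of the test file is outside the hunk. If it reflects what is actually sent, those two parameters need the same treatment as algorithm. Either way, a one-line note in the test explaining why nc and qop appear quoted would keep this expectation from being read as the intended wire format.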
index 65a907f43a2619c72dd2bb62c39670d6244e2845..613dff00135f53238adb692ce103fd634a1fc2f1 100644 (file)
@@ -95,7 +95,7 @@ Content-Length: 0
 \r
 GET http://%HOSTIP:%HTTPPORT/2058 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2058", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm="SHA-256"\r
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2058", response="fbed69f9f3fd304c8f1acb1a43eb32688b933c0e28055c16b926cbcec070aeed", algorithm=SHA-256\r
 Content-Range: bytes 2-4/5\r
 Accept: */*\r
 Proxy-Connection: Keep-Alive\r
index 4272a7b41a303c3f7733497032d05ff2f290a6a8..15799ae07fc7562349923f24affe615ca04686af 100644 (file)
@@ -95,7 +95,7 @@ Content-Length: 0
 \r
 GET http://%HOSTIP:%HTTPPORT/2059 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2059", response="fc09be8192851e284e73e8b719b32a2f6f91cca0594e68713da8c49dc2c1656e", algorithm="SHA-512-256", userhash=true\r
+Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2059", response="fc09be8192851e284e73e8b719b32a2f6f91cca0594e68713da8c49dc2c1656e", algorithm=SHA-512-256, userhash=true\r
 Content-Range: bytes 2-4/5\r
 Accept: */*\r
 Proxy-Connection: Keep-Alive\r
index a0b291dc2157cb033201f54a55b5c9021b05a687..05ce35103c1b3a2d8e077eb95fb74026c7917808 100644 (file)
@@ -95,7 +95,7 @@ Content-Length: 0
 \r
 GET http://%HOSTIP:%HTTPPORT/2060 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2060", response="3ce1e25ffa611bdbe90e2ab367b9602fa223db9f6de76ac667f0d6157e2178a6", algorithm="SHA-512-256"\r
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2060", response="3ce1e25ffa611bdbe90e2ab367b9602fa223db9f6de76ac667f0d6157e2178a6", algorithm=SHA-512-256\r
 Content-Range: bytes 2-4/5\r
 Accept: */*\r
 Proxy-Connection: Keep-Alive\r
index af3758c97d7ae4f7a252ed5b7aa10eb096a4e1db..bee88e34a079d07f9ef4cbdde6247dc8d5ac7c59 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2061 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2061", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm="SHA-256"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2061", response="9dc55255f1a2537b838311674b621d45346b862a81631bb20e4ce356ef25062d", algorithm=SHA-256\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index d5ce6899f7e51b6b794f910b3a4bccb966f66e51..f6d4aff24d0412dc2456a68c617534855daa389e 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2062 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2062", response="2af735ec3508f4dff99248ffbbe9de9002bfd7cc770cfa2b026cb334042a54e3", algorithm="SHA-512-256"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/2062", response="2af735ec3508f4dff99248ffbbe9de9002bfd7cc770cfa2b026cb334042a54e3", algorithm=SHA-512-256\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index 220fe4ebea7b3a358ae8c79784313eddfc789a33..af9a9f0aa7191767e93a5bb9dbe637c3ed1f839c 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2063 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/2063", response="43f7ab531dff687b5dc75617daa59d1fd67d648341d6d2655ca65ef5064cfb51", algorithm="SHA-512-256", userhash=true\r
+Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="1053604145", uri="/2063", response="43f7ab531dff687b5dc75617daa59d1fd67d648341d6d2655ca65ef5064cfb51", algorithm=SHA-512-256, userhash=true\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index aa20c0bc0b577952d7b53caf136145b8aaf07e42..bfaaa05e8f7ad05ccdbf760a648247ec45277feb 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2064 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2064", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm="SHA-256"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2064", response="a9c3ec1036068b336cbabefe9dfcad52ee8b89bc7c91ddbb5bb415c6acdf38a5", algorithm=SHA-256\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index d3afe0b134c5a877fe724a0a15188f8b8263068c..d18b008ad86070d8088513570f3ab4a41d5bef33 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2065 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2065", response="5a5f20b0e601aeddc6f96422c2332d49ff431c49ab143b5f836ef76e9ac78f5e", algorithm="SHA-512-256"\r
+Authorization: Digest username="testuser", realm="testrealm", nonce="2053604145", uri="/2065", response="5a5f20b0e601aeddc6f96422c2332d49ff431c49ab143b5f836ef76e9ac78f5e", algorithm=SHA-512-256\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index e6ec28a1e3cbc65f662c1139336ca1c1b3a510d7..b6effee0e496c9e1020169d47068241e5c0763ca 100644 (file)
@@ -75,7 +75,7 @@ Accept: */*
 \r
 GET /2066 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/2066", response="a2e2ae589f575fb132991d6f550ef14bf7ef697d2fef1242d2498f07eafc77dc", algorithm="SHA-512-256", userhash=true\r
+Authorization: Digest username="75af8a3500f771e58a52093a25e7905d6e428a511285c12ea1420c73078dfd61", realm="testrealm", nonce="2053604145", uri="/2066", response="a2e2ae589f575fb132991d6f550ef14bf7ef697d2fef1242d2498f07eafc77dc", algorithm=SHA-512-256, userhash=true\r
 User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3\r
 Accept: */*\r
 \r
index faa7c57fa5d1d22f64aacd7e85c298a4dafc87a4..c203343e60d7cbc0869e1843c56864c027bb7aa0 100644 (file)
@@ -78,7 +78,7 @@ Content-Type: application/x-www-form-urlencoded
 \r
 POST /2067 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2067", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm="SHA-256"\r
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2067", response="67b97af219c92fa7e8685e5bebb8e74892f6c6792e911c52bd2dfbf0b49272eb", algorithm=SHA-256\r
 Accept: */*\r
 Content-Length: 11\r
 Content-Type: application/x-www-form-urlencoded\r
index 43a50e6262a05d4edd9b069bc7a5d48abd4a895b..5a197ce27d439515533febd82051cd4424170211 100644 (file)
@@ -78,7 +78,7 @@ Content-Type: application/x-www-form-urlencoded
 \r
 POST /2068 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2068", response="4bc9c97a72f1856bcec9b0e1518c6b7ee28773f91357d56840bdc30bd89ca68f", algorithm="SHA-512-256"\r
+Authorization: Digest username="auser", realm="testrealm", nonce="1053604144", uri="/2068", response="4bc9c97a72f1856bcec9b0e1518c6b7ee28773f91357d56840bdc30bd89ca68f", algorithm=SHA-512-256\r
 Accept: */*\r
 Content-Length: 11\r
 Content-Type: application/x-www-form-urlencoded\r
index e8040a5e03928915a96cfac067fb94d2ecb38111..99fd71d0eee6313541c7aeb616aeac181d4aadfd 100644 (file)
@@ -78,7 +78,7 @@ Content-Type: application/x-www-form-urlencoded
 \r
 POST /2069 HTTP/1.1\r
 Host: %HOSTIP:%HTTPPORT\r
-Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2069", response="ff13d977110a471f30de75e747976e4de78d7a3d2425cd23ff46e67f4bc9ead7", algorithm="SHA-512-256", userhash=true\r
+Authorization: Digest username="fddc3bc7b753b73ab0848fd83cb20cbbca971258eb8d20c941dd5e0b010d66be", realm="testrealm", nonce="1053604144", uri="/2069", response="ff13d977110a471f30de75e747976e4de78d7a3d2425cd23ff46e67f4bc9ead7", algorithm=SHA-512-256, userhash=true\r
 Accept: */*\r
 Content-Length: 11\r
 Content-Type: application/x-www-form-urlencoded\r