git.ipfire.org Git - thirdparty/squid.git/commit

author	hno <>
	Fri, 20 Jun 2003 00:56:59 +0000 (00:56 +0000)
committer	hno <>
	Fri, 20 Jun 2003 00:56:59 +0000 (00:56 +0000)
commit	f5292c64df60a9694fc91c30e21da68e7d774392
tree	6985334da1ce8b1e056e0e9c9e9f8068593cc4bc	tree
parent	2585829387430d571f75bc4870caca59b9285b86	commit \| diff

2003-05-18 23:49 hno
2003-05-24 13:08 robertc

Bug #630: digest authentication and buggy browsers

This patch does four things:

* correct signalling of stale digest nonces

* auth_param digest check-nonce-count off option to completely
disable the nonce count check. Needed to work around Konqueror and
certain other broken digest qop implementations.

* auth_param digest post_workaround on to work around certain
broken browsers sending POST requests with a GET digest response

* changes the default of nonce_strictness to off. It is to early to
use strict nonce count increase by one checks, and even in the long
run this is probably not wanted. Enforcing increase by one does not
really add to security, only complexity.

src/auth/digest/auth_digest.cc		diff \| blob \| blame \| history
src/auth/digest/auth_digest.h		diff \| blob \| blame \| history
src/authenticate.cc		diff \| blob \| blame \| history
src/cf.data.pre		diff \| blob \| blame \| history
src/client_side.cc		diff \| blob \| blame \| history