Index: tests/data/test273
===================================================================
--- tests/data/test273 (.../7.15.0-crt-pre-code-changes) (revision 0)
+++ tests/data/test273 (.../7.15.0-crt) (revision 651)
@@ -0,0 +1,76 @@
+
+
+HTTP
+HTTP GET
+HTTP Digest auth
+
+
+# Server-side
+
+
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+
+This is not the real page
+
+
+# This is supposed to be returned when the server gets a
+# Authorization: Digest line passed-in from the client
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+
+This IS the real page!
+
+
+
+HTTP/1.1 401 Authorization Required swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+WWW-Authenticate: Digest realm="testrealm", nonce="1053604145"
+Content-Type: text/html; charset=iso-8859-1
+
+HTTP/1.1 200 OK swsclose
+Server: Apache/1.3.27 (Darwin) PHP/4.1.2
+Content-Type: text/html; charset=iso-8859-1
+
+This IS the real page!
+
+
+
+
+# Client-side
+
+
+http
+
+
+HTTP with two Digest authorization headers
+
+
+http://%HOSTIP:%HTTPPORT/273 -u testuser:testpass --digest
+
+
+
+# Verify data after the test has been "shot"
+
+
+^User-Agent:.*
+
+
+GET /273 HTTP/1.1
+Host: 127.0.0.1:%HTTPPORT
+Accept: */*
+
+GET /273 HTTP/1.1
+Authorization: Digest username="testuser", realm="testrealm", nonce="1053604145", uri="/273", response="576ae57b1db0039f8c0de43ef58e49e3"
+User-Agent: curl/7.10.5 (i686-pc-linux-gnu) libcurl/7.10.5 OpenSSL/0.9.7a ipv6 zlib/1.1.3
+Host: 127.0.0.1:%HTTPPORT
+Accept: */*
+
+
+
Index: lib/http.c
===================================================================
--- lib/http.c (.../7.15.0-crt-pre-code-changes) (revision 651)
+++ lib/http.c (.../7.15.0-crt) (revision 651)
@@ -621,18 +621,23 @@
#endif
#ifndef CURL_DISABLE_CRYPTO_AUTH
if(checkprefix("Digest", start)) {
- CURLdigest dig;
- *availp |= CURLAUTH_DIGEST;
- authp->avail |= CURLAUTH_DIGEST;
+ if((authp->avail & CURLAUTH_DIGEST) != 0) {
+ infof(data, "Ignoring duplicate digest auth header.\n");
+ }
+ else {
+ CURLdigest dig;
+ *availp |= CURLAUTH_DIGEST;
+ authp->avail |= CURLAUTH_DIGEST;
- /* We call this function on input Digest headers even if Digest
- * authentication isn't activated yet, as we need to store the
- * incoming data from this header in case we are gonna use Digest. */
- dig = Curl_input_digest(conn, (bool)(httpcode == 407), start);
+ /* We call this function on input Digest headers even if Digest
+ * authentication isn't activated yet, as we need to store the
+ * incoming data from this header in case we are gonna use Digest. */
+ dig = Curl_input_digest(conn, (bool)(httpcode == 407), start);
- if(CURLDIGEST_FINE != dig) {
- infof(data, "Authentication problem. Ignoring this.\n");
- data->state.authproblem = TRUE;
+ if(CURLDIGEST_FINE != dig) {
+ infof(data, "Authentication problem. Ignoring this.\n");
+ data->state.authproblem = TRUE;
+ }
}
}
else
Index: include/curl/curlver.h
===================================================================
--- include/curl/curlver.h (.../7.15.0-crt-pre-code-changes) (revision 651)
+++ include/curl/curlver.h (.../7.15.0-crt) (revision 651)
@@ -51,8 +51,6 @@
and it is always a greater number in a more recent release. It makes
comparisons with greater than and less than work.
*/
-#define LIBCURL_VERSION_NUM ((LIBCURL_VERSION_MAJOR << 16) | \
- (LIBCURL_VERSION_MINOR << 8) | \
- LIBCURL_VERSION_PATCH)
+#define LIBCURL_VERSION_NUM 0x070f00
#endif /* __CURL_CURLVER_H */