Hi, in digestauth.c, L296 you'll find an unconditional strlen(password).
The function is called via digest_auth_check_all() from MHD_digest_auth_check_digest2() with a NULL 'password'. I am not sure what your favorite place is for a fix, so I'll just report and leave it to you. Regards, Tim
signature.asc
Description: OpenPGP digital signature
