On 11/11/20 3:02 PM, DJM-Avalesta wrote: > Hi, > > I spoke too soon, I still have issues authenticating with certain clients. > > The attached wireshark shows, at the very end, it fails to authenticate > an HTTP GET of an image file (/mjpg/image.cgi) when the username, nonce > and realm all seem to be correct. > > It actually fails in digestauth.c with the message "Authentication > failed, arguments do no match". > > Any ideas?
I suspect the "?view=0" is somehow to blame. IIRC we had issues with that in the past, where some include the "?view=0" in the URI when hashing, and others do not. Also not that the "?view=0" is *NOT* included in the "uri=/mjpeg/image.cgi" given by the client (TCP stream #10). So if the client excluded "?view=0" from hashing, and MHD included "?view=0" when hashing, this disagreement would result in exactly this behavior. (I don't recall on the spot what the standard says, and also don't recall if MHD even look a tthe "uri=" argument in the authorization header -- I'd need more time to investigate this, so this is just my hunch/idea here.) Happy hacking! Christian
signature.asc
Description: OpenPGP digital signature
