Please post the server challenge,
What does this look like?
does it by any chance request "auth-int"? auth-int is not supported yet.
I don't see 'auth-int' within the packets but maybe I am looking in the right
area.
The first response from the server is:
HTTP/1.1 401 Unauthorized
Server: Polycom SoundPoint IP Telephone HTTPd
Date: SAT, 07 JAN 2012 08:36:26 GMT
Connection: close
WWW-Authenticate: Digest realm="PUSH Authentication", nonce="132577494",
algorithm="MD5"
Content-type: text/html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head><title>401 Unauthorized</title></head><body>
Authorization failed.
</body></html>
Many thanks for your suggestions and help so far
Paul
On 07/01/2012 08:25, Arno Garrels wrote:
Paul Read wrote:
I was using version 708 using the latest (721) I now at least get the
response to the 401 being sent back :-)
But still the request is rejected by the server. Wireshark shows
that the digest authorization response calculated by ICS is different
to that calculated by cURL. (THe nonce given was the same for ICS and
cURL). The cURL response is accepted, the ICS response is not.
cURL:
Digest username=\"bob\", realm=\"PUSH Authentication\",
nonce=\"132577494\", uri=\"/push\",
response=\"ce032cf8dad4898084e1a3f7f34148c8\", algorithm=\"MD5\"
ICS:
Digest username=\"bob\",realm=\"PUSH
Authentication\",nonce=\"132577494\",uri=\"/push\",response=\"7e843d8e80bd9265b467916afbc9cb2e\"
How can I be sure ICS is using MD5 and not MD4 or something else?
It does use MD5, see digest source in OverbyteIcsDigestAuth.pas.
As per RFC 2617 "MD5" is the default algorithm and optionally (some browsers
don't send it either):
"algorithm
A string indicating a pair of algorithms used to produce the digest
and a checksum. If this is not present it is assumed to be "MD5"."
Also I recently tested digest authentication against various proxy servers
successfully. Please post the server challenge, does it by any chance request
"auth-int"? auth-int is not supported yet.
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
