On 11/24/2017 9:27 PM, René Berber via curl-library wrote: > lib curl version 7.56.1 (used within collectd). > > Communication with a device (solar panel control & monitor) which uses > digest authentication works only the 1st query (queries are made once > every 5 minutes), then fails repeatedly because libcurl is reusing the > (1st received) nonce, and ignoring the new one presented by the device. > > Dumping the traffic shows: > > Hypertext Transfer Protocol > GET /api/v1/production/inverters HTTP/1.1\r\n > ... > > Hypertext Transfer Protocol > HTTP/1.1 401 Unauthorized\r\n > ... expected > WWW-Authenticate: Digest qop="auth", realm="enphaseenergy.com", > nonce="xkoYWoGvVUmuqWvQLrjs16IX3HI="\r\n > Content-Type: application/json\r\n > ... the library receives the nonce, > > Hypertext Transfer Protocol > GET /api/v1/production/inverters HTTP/1.1\r\n > ... and proceeds to use it > Host: 192.168.10.14\r\n > [truncated]Authorization: Digest username="envoy", > realm="enphaseenergy.com", nonce="xkoYWoGvVUmuqWvQLrjs16IX3HI=", > uri="/api/v1/production/inverters", > cnonce="Yjc5N2UyYzk3NmM0ODA3Y2IxMzgwMjViNWRlODMyYWE=", nc=00000001, > qop=auth, response > User-Agent: collectd/5.8.0\r\n > ... > > Hypertext Transfer Protocol > HTTP/1.1 200 OK\r\n > ... receives the data > > ... from then on the library uses the same nonce, while the server > ... keeps changing it. > Hypertext Transfer Protocol > GET /api/v1/production/inverters HTTP/1.1\r\n > ... > [truncated]Authorization: Digest username="envoy", > realm="enphaseenergy.com", nonce="xkoYWoGvVUmuqWvQLrjs16IX3HI=", > ... > > Hypertext Transfer Protocol > HTTP/1.1 401 Unauthorized\r\n > ... > WWW-Authenticate: Digest qop="auth", realm="enphaseenergy.com", > nonce="F0gYWtOOdFIIG5E1qpHIW+SVuRY="\r\n > ... > > After it has a nonce the 401 errors do not produce a new attempt; > collectd receives an error, and prints a message to the log. > > Just to be clear, the user/password did not change (as in other similar > reports). > > A different problem seems to be with libcurl ignoring the > CURLOPT_FRESH_CONNECT, and CURLOPT_FORBID_REUSE options, which I tried > as a work around, and didn't change anything.
Can you file a report at https://github.com/curl/curl/issues/new and if possible give us a way to reproduce what you are describing. Please be sure to include the curl_version() ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
