Gisle Aas wrote:
> "Jeremy Howard" <[EMAIL PROTECTED]> writes:
>
> > I found that using LWP::Authen::Digest with an incorrect password causes
> > infinite recursion. This is because the auth string changes each time as
the
> > nonce changes. Patch follows. It can be applied with:
>
> This patch breaks the test suite. The reason is that it prevents
> retrials with the same username, but with different passwords. I have
> applied the following patch instead. Can you check that it works for
> you?
>
Works for me. Thanks Gisle.
What's the "we shouldn't really do this but" comment referring to? Is there
a potential side effect to be aware of here?
> Index: lib/LWP/Authen/Digest.pm
> ===================================================================
> RCS file: /cvsroot/libwww-perl/lwp5/lib/LWP/Authen/Digest.pm,v
> retrieving revision 1.5
> diff -u -p -u -r1.5 Digest.pm
> --- lib/LWP/Authen/Digest.pm 2001/11/27 16:37:46 1.5
> +++ lib/LWP/Authen/Digest.pm 2002/02/07 05:43:21
> @@ -69,8 +69,8 @@ sub authenticate
> # Need to check this isn't a repeated fail!
> my $r = $response;
> while ($r) {
> - my $auth = $r->request->header($auth_header);
> - if ($auth && $auth eq $auth_value) {
> + my $u = $r->request->{digest_user_pass};
> + if ($u && $u->[0] eq $user && $u->[1] eq $pass) {
> # here we know this failed before
> $response->header("Client-Warning" =>
> "Credentials for '$user' failed before");
> @@ -81,6 +81,9 @@ sub authenticate
>
> my $referral = $request->clone;
> $referral->header($auth_header => $auth_value);
> + # we shouldn't really do this, but...
> + $referral->{digest_user_pass} = [$user, $pass];
> +
> return $ua->request($referral, $arg, $size, $response);
> }
