Hi folks,
I found this when using HTTP authentication, not sure if this is a
bug on wget or on the server side. This is wget version 1.10.2
compiled on MacOS X 10.4.8 with gcc 4.0.1 and make 3.80, which shows
this behaviour:
$ wget -O - --no-cache -d --http-user=admin --http-password=XX
http://192.168.128.23/admin/test/advanced
Setting --http-user (httpuser) to admin
Setting --http-password (httppassword) to XX
DEBUG output created by Wget 1.10.2 on darwin8.8.2.
--12:01:50-- http://192.168.128.23/admin/test/advanced
= `-'
Connecting to 192.168.128.23:80... connected.
Created socket 4.
Releasing 0x00400fd0 (new refcount 0).
Deleting unused 0x00400fd0.
---request begin---
GET /admin/test/advanced HTTP/1.0
Pragma: no-cache
User-Agent: Wget/1.10.2
Accept: */*
Authorization: Basic YWRtaW46MTIzMTIz
Host: 192.168.128.23
Connection: Keep-Alive
---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm=test realm,
domain=/,nonce=00284d92f7cd192b865184c2fbe64ae10fcf7d21,opaque=0028
4a87ff1dcbe8308fb196e75ac8001a19df8b,algorithm=MD5,qop=auth
Content-Type: text/html
Connection: close
---response end---
401 Unauthorized
Closed fd 4
Connecting to 192.168.128.23:80... connected.
Created socket 4.
Releasing 0x0040b280 (new refcount 0).
Deleting unused 0x0040b280.
---request begin---
GET /admin/test/advanced HTTP/1.0
Pragma: no-cache
User-Agent: Wget/1.10.2
Accept: */*
Authorization: Digest username=admin, realm=test realm,
nonce=00284d92f7cd192b865184c2fbe64ae10fcf7d21, uri=/admin/test/
advanced, response=91788478978becf70de81047d7fc5956,
opaque=00284a87ff1dcbe8308fb196e75ac8001a19df8b
Host: 192.168.128.23
Connection: Keep-Alive
---request end---
HTTP request sent, awaiting response...
---response begin---
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm=test realm,
domain=/,nonce=00284d9c7c37e1f437b8b55366a085a3d4cf45b9,opaque=0028
4d92f7cd192b865184c2fbe64ae10fcf7d21,algorithm=MD5,qop=auth
Content-Type: text/html
Connection: close
---response end---
401 Unauthorized
Closed fd 4
Authorization failed.
Looks like when being asked for a Digest Authorization with MD5, wget
responded with a Basic Authorization. Do you think this is a wget
bug, or is there something on the other end not being properly
presented? I checked RFC 2617 briefly but didn't find anything wrong
on the responses I copied above.
Thanks!
-i