Paul Read wrote: > THanks for that information I therefore tweaked > 'AuthDigestParseChallenge' so that Info.Qop is set to 'auth' if no Qop > value is given and now the right MD5 is calculated and the server > accepts the data.
I'd say this is a server-side bug. It obviously understands a RFC 2617 digest however sends an obsolete RFC 2069 WWW-Authenticate response header. If I'm not totally misreading this sentence: "qop-options This directive is optional, but is made so only for backward compatibility with RFC 2069 ;" it means that if the qop directive is missing we have to assume RFC 2069 which calculates the digest differently. That cURL works is perhaps because it doesn't try to support obsolete RFC 2069? -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be