gitorious.org Git - qt:qt.git/commit

author	Bradley Buda <bradleybuda@gmail.com>
	Thu, 11 Jul 2013 00:29:22 +0000 (17:29 -0700)
committer	The Qt Project <gerrit-noreply@qt-project.org>
	Thu, 23 Jan 2014 08:23:57 +0000 (09:23 +0100)
commit	a585f2ae4538287ed57237a571e87a03c5a54207
tree	38549fc8768c48d4281c14fc8b99ed718019f7cc	tree \| snapshot
parent	40db54f8182e427f76c663aec15c3a6a682b3c9f	commit \| diff

Correct algorithm for digest auth when using the CONNECT verb

QHttpSocketEngine fails to authenticate to an HTTP proxy that is using
Digest authentication and the CONNECT method (i.e. when you are
tunneling TLS over HTTP). The bug is due to a bad parameter being
passed to QAuthenticatorPrivate::calculateResponse - the requestMethod
parameter is passed in as "CONNECT " instead of "CONNECT" (note the
trailing space).

Because an MD5 hash is derived from this method when using the
qop="auth" flavor of Digest auth, the hash does not match the expected
value and authentication always fails in this configuration.

(cherry picked from commit 5cab14b8a1dfbb03e22b10af385fb90900a9f280)

Change-Id: Ief025ada714e03d96a316116f6b9f1711ab2a7f7
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>