Received: (qmail 13118 invoked from network); 5 Sep 1999 04:14:03 -0000 Message-Id: <199909050413.GAA16693@chill.innovation.ch> Date: Sun, 5 Sep 1999 06:13:53 +0200 (MET DST) From: "Life is hard, and then you die." To: peter_huang@hp.com Cc: apbugs@Apache.Org In-Reply-To: <19990903162033.26744.qmail@hyperreal.org> Subject: Re: mod_auth_digest failed with incorrect nonce value >Number: 4962 >Category: pending >Synopsis: Re: mod_auth_digest failed with incorrect nonce value >Confidential: yes >Severity: serious >Priority: medium >Responsible: ronald@innovation.ch >State: closed >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Sat Sep 4 21:20:00 PDT 1999 >Last-Modified: Sun Sep 5 12:48:02 PDT 1999 >Originator: >Organization: >Release: >Environment: >Description: >How-To-Repeat: >Fix: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: ronald@innovation.ch State-Changed-When: Sun Sep 5 12:48:00 PDT 1999 State-Changed-Why: Ooops - wrong subject in reply. This should have been appended to PR#4957 Responsible-Changed-From-To: gnats-admin-ronald@innovation.ch Responsible-Changed-By: ronald@innovation.ch Responsible-Changed-When: Sun Sep 5 12:48:00 PDT 1999 Responsible-Changed-Why: Just my screwup... >Unformatted: > check_nonce code in mod_auth_digest code does not work correctly in > HP-UX CC compiler where the strcmp(hash, resp->nonce+NONCE_TIME_LEN) > always failed. I modified the mod_auth_digest code to extract the hash > from resp->nonce and it works for HP-UX 10.20 and HPUX 11.0. the diff > is below. Hmm, could explain why the code fails? Is this a bug in the compiler? What optimization flags did you compile the module with, and what happens if you compile w/o optimization? While the patch is basically ok, I completely fail to see why the original code has a problem, and why the patch fixes it. Cheers, Ronald