Nmap Development mailing list archives
Re: [NSE] Changes to http-auth
From: David Fifield <david () bamsoftware com>
Date: Sun, 18 Dec 2011 16:22:15 -0800
On Sat, Dec 17, 2011 at 10:46:15PM +0100, Patrik Karlsson wrote:
Hi all, I've reworked the http-auth to handle multiple Authentication headers being returned from the server.
Didn't it work that way before? The http library should join together multiple headers with a comma, and http.parse_www_authenticate should know how to deal with that. Manually parsing answer.rawheader seems wrong--http.parse_header does that already, including some tricky cases. I tested locally against a dummy server offering Basic and Digest and it worked before your patch. What did you run into that caused you to have to change it? ncat -l 8080 --sh-exec 'cat auth.http' -k David Fifield
Attachment:
auth.http
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Changes to http-auth Patrik Karlsson (Dec 17)
- Re: [NSE] Changes to http-auth David Fifield (Dec 18)
- Re: [NSE] Changes to http-auth Patrik Karlsson (Dec 18)
- RE: [NSE] Changes to http-auth Rob Nicholls (Dec 18)
- RE: [NSE] Changes to http-auth Rob Nicholls (Dec 19)
- Re: [NSE] Changes to http-auth Patrik Karlsson (Dec 19)
- Re: [NSE] Changes to http-auth David Fifield (Dec 19)
- Re: [NSE] Changes to http-auth Patrik Karlsson (Dec 18)
- Re: [NSE] Changes to http-auth David Fifield (Dec 18)