[mythtv-users] htdigest and Firefox 1.0.8 wrong MD5 hash
Ben Dash
ben_dash at yahoo.com
Wed Jun 28 02:25:06 UTC 2006
I'm trying to set up htdigest authorization on mythweb
and it all seemed very straight forward:
beta ~ # /usr/sbin/htdigest2 -c
/var/www/localhost/.htdigest MythTV mythweb
Adding password for mythweb in realm MythTV.
New password:
Re-type new password:
beta ~ # cat /var/www/localhost/.htdigest
mythweb:MythTV:af9a4134355171d5a0e488e423daa0ea
The problem is that when Firefox 1.0.8 presents its
MD5 hash response to the user name password request
the wrong hash is being generated for some reason;
f577664334d99e89a4fb9473e3116956 instead of
af9a4134355171d5a0e488e423daa0ea.
Does anyone have any idea why?
Here's the complete sniffer trace of the transaction,
0.19 version of mythweb, it seems to work fine without
authentication except for the weather forcast that
seems to hang forever without getting a response:
GET /mythweb HTTP/1.1
Host: beta
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.7.13) Gecko/20060430 Firefox/1.0.8
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: cookies=true;
mythweb_id=bd345b0844de510b24dd5305ef9c9327;
mythweb_id=bd345b0844de510b24dd5305ef9c9327
HTTP/1.1 401 Authorization Required
Date: Wed, 28 Jun 2006 02:10:03 GMT
Server: Apache
WWW-Authenticate: Digest realm="MythTV",
nonce="vF1EUD8XBAA=8327d569179accff570419b94eb7902700a5ff6c",
algorithm=MD5, qop="auth"
Content-Length: 455
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache Server at beta Port 80</address>
</body></html>
GET /mythweb HTTP/1.1
Host: beta
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.7.13) Gecko/20060430 Firefox/1.0.8
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: cookies=true;
mythweb_id=bd345b0844de510b24dd5305ef9c9327;
mythweb_id=bd345b0844de510b24dd5305ef9c9327
Authorization: Digest username="mythtv",
realm="MythTV",
nonce="vF1EUD8XBAA=8327d569179accff570419b94eb7902700a5ff6c",
uri="/mythweb", algorithm=MD5,
response="f577664334d99e89a4fb9473e3116956", qop=auth,
nc=00000001, cnonce="4b4d868ea7c7a725"
HTTP/1.1 401 Authorization Required
Date: Wed, 28 Jun 2006 02:10:12 GMT
Server: Apache
WWW-Authenticate: Digest realm="MythTV",
nonce="r4DJUD8XBAA=2e93f1cc162ab5b8de78b50fbe30ed7563b5e2b6",
algorithm=MD5, qop="auth"
Content-Length: 455
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<hr>
<address>Apache Server at beta Port 80</address>
</body></html>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the mythtv-users
mailing list