diff options
| author | Sylvain Hellegouarch <sh@defuze.org> | 2008-01-16 22:33:45 +0000 |
|---|---|---|
| committer | Sylvain Hellegouarch <sh@defuze.org> | 2008-01-16 22:33:45 +0000 |
| commit | 667de497d2c6844f5cf336edcb4e7fc68b5f06cc (patch) | |
| tree | 3fe9db73621424df6e7ec1e98b1f18507c99af46 /cherrypy/lib/httpauth.py | |
| parent | 8794203d76e0d099d741452c6d2be7fe7a24d493 (diff) | |
| download | cherrypy-git-667de497d2c6844f5cf336edcb4e7fc68b5f06cc.tar.gz | |
Fixed #759
Diffstat (limited to 'cherrypy/lib/httpauth.py')
| -rw-r--r-- | cherrypy/lib/httpauth.py | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/cherrypy/lib/httpauth.py b/cherrypy/lib/httpauth.py index 2705299a..7b7354e3 100644 --- a/cherrypy/lib/httpauth.py +++ b/cherrypy/lib/httpauth.py @@ -19,7 +19,7 @@ Usage: SUPPORTED_ALGORITHM - list of supported 'Digest' algorithms SUPPORTED_QOP - list of supported 'Digest' 'qop'. """ -__version__ = 1, 0, 0 +__version__ = 1, 0, 1 __author__ = "Tiago Cogumbreiro <cogumbreiro@users.sf.net>" __credits__ = """ Peter van Kampen for its recipe which implement most of Digest authentication: @@ -141,9 +141,14 @@ def _parseDigestAuthorization (auth_params): if not params.has_key(k): return None - # If qop is sent then cnonce and cn MUST be present - if params.has_key("qop") and not params.has_key("cnonce") \ - and params.has_key("cn"): + # If qop is sent then cnonce and nc MUST be present + if params.has_key("qop") and not (params.has_key("cnonce") \ + and params.has_key("nc")): + return None + + # If qop is not sent, neither cnonce nor nc can be present + if (params.has_key("cnonce") or params.has_key("nc")) and \ + not params.has_key("qop"): return None return params |