1 files changed, 19 insertions, 8 deletions

diff --git a/auth/auth_digest.c b/auth/auth_digest.c
index 2e29180..1c4adf0 100644
--- a/auth/auth_digest.c
+++ b/auth/auth_digest.c
@@ -358,13 +358,15 @@ serf__init_digest_connection(int code,
 }
 
 apr_status_t
-serf__setup_request_digest_auth(int code,
+serf__setup_request_digest_auth(peer_t peer,
+                                int code,
                                 serf_connection_t *conn,
+                                serf_request_t *request,
                                 const char *method,
                                 const char *uri,
                                 serf_bucket_t *hdrs_bkt)
 {
-    digest_authn_info_t *digest_info = (code == 401) ? conn->authn_baton :
+    digest_authn_info_t *digest_info = (peer == HOST) ? conn->authn_baton :
         conn->proxy_authn_baton;
     apr_status_t status = APR_SUCCESS;
 
@@ -372,11 +374,13 @@ serf__setup_request_digest_auth(int code,
         const char *value;
         apr_uri_t parsed_uri;
 
-        /* extract path from uri */
+        /* TODO: per request pool? */
+
+        /* Extract path from uri. */
         status = apr_uri_parse(conn->pool, uri, &parsed_uri);
 
         /* Build a new Authorization header. */
-        digest_info->header = (code == 401) ? "Authorization" :
+        digest_info->header = (peer == HOST) ? "Authorization" :
             "Proxy-Authorization";
         value = build_auth_header(digest_info, parsed_uri.path, method,
                                   conn->pool);
@@ -384,13 +388,19 @@ serf__setup_request_digest_auth(int code,
         serf_bucket_headers_setn(hdrs_bkt, digest_info->header,
                                  value);
         digest_info->digest_nc++;
+
+        /* Store the uri of this request on the serf_request_t object, to make
+           it available when validating the Authentication-Info header of the
+           matching response. */
+        request->auth_baton = parsed_uri.path;
     }
 
     return status;
 }
 
 apr_status_t
-serf__validate_response_digest_auth(int code,
+serf__validate_response_digest_auth(peer_t peer,
+                                    int code,
                                     serf_connection_t *conn,
                                     serf_request_t *request,
                                     serf_bucket_t *response,
@@ -403,13 +413,13 @@ serf__validate_response_digest_auth(int code,
     const char *qop = NULL;
     const char *nc_str = NULL;
     serf_bucket_t *hdrs;
-    digest_authn_info_t *digest_info = (code == 401) ? conn->authn_baton :
+    digest_authn_info_t *digest_info = (peer == HOST) ? conn->authn_baton :
         conn->proxy_authn_baton;
 
     hdrs = serf_bucket_response_get_headers(response);
 
     /* Need a copy cuz we're going to write NUL characters into the string.  */
-    if (code == 401)
+    if (peer == HOST)
         auth_attr = apr_pstrdup(pool,
             serf_bucket_headers_get(hdrs, "Authentication-Info"));
     else
@@ -457,8 +467,9 @@ serf__validate_response_digest_auth(int code,
     if (rspauth) {
         const char *ha2, *tmp, *resp_hdr_hex;
         unsigned char resp_hdr[APR_MD5_DIGESTSIZE];
+        const char *req_uri = request->auth_baton;
 
-        ha2 = build_digest_ha2(conn->host_info.path, "", qop, pool);
+        ha2 = build_digest_ha2(req_uri, "", qop, pool);
         tmp = apr_psprintf(pool, "%s:%s:%s:%s:%s:%s",
                            digest_info->ha1, digest_info->nonce, nc_str,
                            digest_info->cnonce, digest_info->qop, ha2);