[mod_auth] send 401 if digest algo not supported

client browsers might remember prior algorithm if algorithm changed; send 401 Unauthorized to reset client browser (sending 400 Bad Request was not user friendly)
author: Glenn Strauss <gstrauss@gluelogic.com> 2021-02-23 09:27:25 -0500
committer: Glenn Strauss <gstrauss@gluelogic.com> 2021-02-23 09:29:26 -0500
commit: 12ac70d0fe7c0634b9112c0240b841df69be4c7e (patch)
tree: d7adfdd542e2d8aed2d08a70f985c261e94553a6 /src/mod_auth.c
parent: a1bb0c0d52a278b6ff7807a9a57af32d4755ceba (diff)
download: lighttpd-git-12ac70d0fe7c0634b9112c0240b841df69be4c7e.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c
index 943c2f9a..45ed5565 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -1312,7 +1312,7 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st
 		log_error(r->conf.errh, __FILE__, __LINE__,
 		  "digest: (%s): invalid", algorithm);
 		buffer_free(b);
-		return mod_auth_send_400_bad_request(r);
+		return mod_auth_send_401_unauthorized_digest(r, require, 0);
 	}
 
 	/**
author	Glenn Strauss <gstrauss@gluelogic.com>	2021-02-23 09:27:25 -0500
committer	Glenn Strauss <gstrauss@gluelogic.com>	2021-02-23 09:29:26 -0500
commit	12ac70d0fe7c0634b9112c0240b841df69be4c7e (patch)
tree	d7adfdd542e2d8aed2d08a70f985c261e94553a6 /src/mod_auth.c
parent	a1bb0c0d52a278b6ff7807a9a57af32d4755ceba (diff)
download	lighttpd-git-12ac70d0fe7c0634b9112c0240b841df69be4c7e.tar.gz