Received: by taz.hyperreal.com (8.6.12/8.6.5) id MAA24975;
 Wed, 29 May 1996 12:52:23 -0700
Received: from mail.barrnet.net by taz.hyperreal.com (8.6.12/8.6.5) with ESMTP
 id MAA24968; Wed, 29 May 1996 12:52:20 -0700
Received: from ace.nueva.pvt.k12.ca.us (ace.nueva.pvt.k12.ca.us [198.31.42.1])
 by mail.barrnet.net (8.7.5/MAIL-RELAY-LEN) with ESMTP id MAA22500;
 Wed, 29 May 1996 12:52:12 -0700 (PDT)
Received: from localhost by ace.nueva.pvt.k12.ca.us with SMTP
	(1.37.109.16/15.5+ECS 3.3+HPL1.1) id AA121239531;
 Wed, 29 May 1996 12:52:11 -0700
Date: Wed, 29 May 1996 12:52:11 -0700 (PDT)
From: Alexei Kosut <akosut@nueva.pvt.k12.ca.us>
To: jk@tools.de
Cc: new-httpd@hyperreal.com
Subject: Re: WWW Form Bug Report: "mod_digest.c performs too many auth checks"
 on Solaris 2.x (fwd)
In-Reply-To: <Pine.SOL.3.91.960529114914.2482B-100000@bauhaus.organic.com>
Message-Id: <Pine.HPP.3.93.960529124923.11891A-100000@ace.nueva.pvt.k12.ca.us>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

On Wed, 29 May 1996, jk@tools.de wrote:

> digest_check_auth performs auth checks for 
> requests that do not use "Digest" authorization:

[snip]

> I think digest_check_auth should first make sure
> that the request really uses "Digest" Authorization
> before checking anything.

Thanks for the bug report and the patch. We'll take a look at it, and
consider it for inclusion in the next release of Apache, but at a
first glance, you appear to be correct.

Thanks for using Apache!

-- 
________________________________________________________________________
Alexei Kosut <akosut@nueva.pvt.k12.ca.us>      The Apache HTTP Server
URL: http://www.nueva.pvt.k12.ca.us/~akosut/   http://www.apache.org/
 
      "War does not determine who is right, only who is left."