[mod_auth] send 401 if digest algo not supported

client browsers might remember prior algorithm if algorithm changed; send 401 Unauthorized to reset client browser (sending 400 Bad Request was not user friendly)
2021-02-23 09:27:25 -05:00 · 2021-02-23 09:27:25 -05:00 · 12ac70d0fe
parent a1bb0c0d52
commit 12ac70d0fe
1 changed files with 1 additions and 1 deletions
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@ -1312,7 +1312,7 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st
 		log_error(r->conf.errh, __FILE__, __LINE__,
 		  "digest: (%s): invalid", algorithm);
 		buffer_free(b);
-		return mod_auth_send_400_bad_request(r);
+		return mod_auth_send_401_unauthorized_digest(r, require, 0);
 	}

 	/**