如何使的libcurl发送摘要认证报头中的每个HTTP数据包？ [英] How to make the libcurl send digest authentication header in each http packet?

问题描述

我有以下功能 http_send_message（）至极我用我想送一个HTTP消息，每次：

I have the following function http_send_message() wich I use each time I want to send a http message:

http_send_message(char *msg_out, char **msg_in)
{
    CURLcode res;
    CURL *curl;

    curl = curl_easy_init();
    if (!curl) return -1;

    curl_easy_setopt(curl, CURLOPT_URL, "http://192.168.1.133:8080/tawtaw");
    curl_easy_setopt(curl, CURLOPT_USERNAME, "tawtaw");
    curl_easy_setopt(curl, CURLOPT_PASSWORD, "tawtaw");
    curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC|CURLAUTH_DIGEST);
        .
        .
        .
   curl_easy_cleanup(curl); 
}

但我每次都在评论的功能发送HTTP消息时，它试图发送一个请求，而不摘要认证头，然后将其与消化认证头发送。在正常情况下，它仅应在该第一消息执行此行为。而对于后续消息应该remeber认证头以及每个消息中发送

But I remarked in each time the function send the http message, it try to send a request without the digest authentication header and then it send it with the digest authentication header. In normal case It should do this behaviour only in the first message. And for the subsequent messages it should remeber the authentication header and send it in each message

推荐答案

要获得你需要这样的行为的再利用你卷曲处理作为后续调用，以充分利用持久连接和 HTTP摘要认证请求计数器：

To obtain such a behavior you need to re-use you curl handle for the subsequent calls to take full advantage of persistent connections and Digest Access Authentication request counter:

[...]客户端可能会使另一个请求，重用服务器随机数值（服务器只发出对每一个401响应新的随机数），但提供了一个新的客户端随机数（cnonce）。对于后续的请求，十六进制请求计数器（NC）必须比以前的最后一个值大于

[...] the client may make another request, reusing the server nonce value (the server only issues a new nonce for each "401" response) but providing a new client nonce (cnonce). For subsequent requests, the hexadecimal request counter (nc) must be greater than the last value it used

在实践中不清理你的卷曲处理。相反，维护它，一旦需要执行另一项要求：

In practice do not clean up your curl handle. Instead maintain it and as soon as you need to perform another request:

• 与 curl_easy_reset 功能重置： curl_easy_reset （卷曲）;


• 然后重新设置选项。

• reset it with the curl_easy_reset function: curl_easy_reset(curl);
• then re-set your options.

如果您使用 CURLOPT_VERBOSE 选项，你会看到，你将有一个授权头后续请求（ NC = 00000002 ， NC = 00000003 等）越来越请求计数器。

If you use the CURLOPT_VERBOSE option you will see that for the subsequent requests you will have an Authorization header with an increasing request counter (nc=00000002, nc=00000003, etc).

这篇关于如何使的libcurl发送摘要认证报头中的每个HTTP数据包？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！